Encryption - PowerPoint PPT Presentation

1 / 18

About This Presentation

Title:

Encryption

Description:

Number of Views:31

Avg rating:3.0/5.0

Slides: 19

Provided by: terryfelk

Category:

Tags: encryption

Transcript and Presenter's Notes

Title: Encryption

1
Encryption

2
E-Commerce Risksfor Businesses

3
E-Commerce Risksfor Consumers

4
E-CommerceIssues

5
E-CommerceSecurity

Encryption
Used to ensure privacy within an organization and
on the Internet.
The conversion of data into an unreadable form,
called a ciphertext. This ciphertext cannot be
easily understood by unauthorized individuals.
Decryption
The process of converting the ciphertext back
into its original form, called plaintext or
cleartext, so it can be understood.
The encryption/decryption process requires an
algorithm and a key.

6
E-Commerce SecurityEncryption Types

Secure E-Commerce transactions make use of the
encryption technologies below
Symmetric-key Encryption
Asymmetric-key Encryption
Hash Encryption
These technologies are used as part of SSL
(Secure Sockets Layer) the technology that
helps to make commerce on the Internet secure.

7
E-Commerce SecurityTypes of Encryption(1)

Symmetric-Key Encryption
Also called single-key encryption.
Both the encryption and decryption use the same
key.
Since the key must be kept secret from others,
both the sender and receiver must know the key
before communicating using encryption.
An advantage of symmetric-key encryption is speed.

8
E-Commerce SecurityTypes of Encryption(2)

9
E-Commerce SecurityTypes of Encryption(3)

Hash Encryption
A hash algorithm transforms a string of
characters into a usually shorter fixed-length
value or key that represents the original string,
called a digest.
Hash encryption is one-way encryption.
Hash encryption is used for information that will
not be read or decrypted.
The function of hash encryption is to verify the
integrity of information.

10
Secure Sockets Layer(SSL)

SSL is a protocol that allows data to be
privately exchanged over public networks.
SSL was developed by Netscape and is used to
encrypt data sent between a client (usually a web
browser) and a web server.
SSL utilizes both symmetric and asymmetric keys.
SSL uses the https protocol instead of the
http protocol
Most browsers display a lock icon when SSL is
being used.

11
Secure Sockets Layer(SSL)

12
SSL in Action
13
SSL DigitalCertificate

SSL enables two computers to securely communicate
by using a digital certificate for
authentication.
A digital certificate is a form of an asymmetric
key that also contains information about the
certificate, the holder of the certificate, and
the issuer of the certificate.

14
Digital Certificate

15
Certificate Authority

A Certificate Authority is a trusted third-party
organization or company that issued digital
certificates.
Well-known Certificate Authorities
Verisign
http//www.verisign.com
Thawte
http//www.thawte.com

16
Obtaininga Digital Certificate

Request a certificate from a Certificate
Authority and pay the application fee.
The Certificate Authority
verifies your identity,
issues your Certificate,
and supplies you with a public/private key pair.
Store the certificate in your software - such as
a web server, web browser, or e-mail application.
The Certificate Authority makes your certificate
publicly known.

17
SSL Digital Certificates

When you visit an e-commerce site that uses SSL,
a number of steps are involved in the
authentication process.
The web browser and web server go through initial
handshaking steps using the server certificate
and keys.
Once trust is established, the web browser
encrypts the single secret key (symmetric key)
that will be used for the rest of the
communication.
From this point on, all data is encrypted using
the secret key.

18
Questions