|
Why do electronic communications need to be secure?
The Internet makes it easy to collect information. It also makes it more difficult to protect information. Traditionally paper documents have provided a degree of security, which includes use of letterheads, watermarks and recognised signatures. Electronic communications need to offer at least this level of authenticity.
In addition the Internet was designed to share information, not to protect it or secure commercially sensitive information. Baycorp ID solves this with fully secure encryption (scrambling) technology. This gives users more tools to protect personal or organisation information. Top
What is cryptography?
|
Cryptography is the science of disguising information through encryption (scambling) and restoring it to its original form through decryption. It provides similar, but much stronger, security assurances that signatures, paper envelopes and codeboks have always provided. Top
What is encryption?
|
Encryption is a way of scrambling information so that the information cannot be understood by anyone other than the intended recipient. Top
What are public and private keys?
|
In a public key cryptography system two related keys, a public and a private key, are required to exchange information securely. One key is used to encrypt a message and the other in the pair to decrypt the message. Although each key in the pair is mathematically related, it is impossible to derive one from the other. The private key is protected even when someone knows the public key, so it is safe to openly distribute public keys. Top
Why use a Certification Authority for public key distribution?
|
If a colleague sends you their public key over the Internet, you could not be certain it was from them. A hacker could have sent you an email with a public key in it saying it was from your colleague. But the public key could actually be the hacker’s. Certification Authorities solve this problem by acting as a trusted third party. They essentially create an electronic document containing the public key with its "owners" name and digitally sign it. Top
How do I get a private and public key?
|
A pair of keys is usually generated by an appropriately trusted program on your computer or server. When the private key is created it will be automatically scrambled with a passphrase you supply. The public key will be submitted to a Certification Authority along with a request for a digital certificate. These certificates are usually valid for one year and are then renewed on a yearly basis. Top
What does a Certification Authority do with my public key?
|
When the Certification Authority receives a public key it waits for a user’s registration form. The Certification Authority makes further checks and once satisfied creates a digital certificate. The certificate includes some of the information the user supplied and the user’s public key. Top
Can I share these keys with others, are they portable from home to work, how do I protect them?
|
The private key remains scrambled. Most secure communications programs will allow you to export and import the private key, keeping it encrypted. A private key must not be shared. Top
|
|
|
|
|
|
|
|
|
|
|
