Resource Centre

Netrust's Frequently Asked Questions (F.A.Q) Page

Please click on the side index for more information.

The Internet makes it easy to collect information. It also makes it more difficult to protect information. Traditionally paper documents have provided a degree of security, which includes use of letterheads, watermarks and recognised signatures. Electronic communications need to offer at least this level of authenticity.

In addition the Internet was designed to share information, not to protect it or secure commercially sensitive information. Baycorp ID solves this with fully secure encryption (scrambling) technology. This gives users more tools to protect personal or organisation information.

Cryptography is the science of disguising information through encryption (scambling) and restoring it to its original form through decryption. It provides similar, but much stronger, security assurances that signatures, paper envelopes and codeboks have always provided.

Encryption is a way of scrambling information so that the information cannot be understood by anyone other than the intended recipient.

In a public key cryptography system two related keys, a public and a private key, are required to exchange information securely. One key is used to encrypt a message and the other in the pair to decrypt the message. Although each key in the pair is mathematically related, it is impossible to derive one from the other. The private key is protected even when someone knows the public key, so it is safe to openly distribute public keys.

When the Certification Authority receives a public key it waits for a user’s registration form. The Certification Authority makes further checks and once satisfied creates a digital certificate. The certificate includes some of the information the user supplied and the user’s public key.

A pair of keys is usually generated by an appropriately trusted program on your computer or server. When the private key is created it will be automatically scrambled with a passphrase you supply. The public key will be submitted to a Certification Authority along with a request for a digital certificate. These certificates are usually valid for one year and are then renewed on a yearly basis.

When the Certification Authority receives a public key it waits for a user’s registration form. The Certification Authority makes further checks and once satisfied creates a digital certificate. The certificate includes some of the information the user supplied and the user’s public key.

The private key remains scrambled. Most secure communications programs will allow you to export and import the private key, keeping it encrypted. A private key must not be shared.