(Written in October 2017)
Cryptography is an essential part of the internet, allowing the secure transmission of private data through public networks. The field of cryptography is focused on the encryption and decryption of data. Encrypted data should ideally not be able to be decrypted by anyone other than the intended recipient (Savu). While ciphers for accomplishing this started out as simple substitution algorithms, they evolved along with technology to eventually become the complex ciphers found today like AES. The RSA standard marked the beginning of the popularity of public-key encryption (Savu). In this schema, the client and server have both public and private keys which can be used to encrypt and decrypt private communications as well as sign documents to verify one’s identity (Olzak).
Public key certificates provide a method for verification of identity. The most common and important use of public key certificates on the internet is SSL on websites—i.e. HTTPS-enabled sites (Savu). SSL provides security to both clients and servers; without it, data sent between a client and server can be intercepted in plaintext. Without SSL, user accounts on websites would be completely insecure; any important internet activities like financial transactions would be unfeasible. Through this technology, public key certificates allowed the internet to progress past the web 1.0 era into the extended user interaction of the current era.
Encryption alone is not enough to ensure the total security of a system. In order to ensure the most security possible, vulnerability to interception must be minimized and implementation of the encryption process itself must be flawless (Olzak). Enterprises should be wary of relying solely on encryption for security and should look into tightening measures surrounding the encrypted data (Olzak).
Cryptography is a large part of the internet’s backbone, providing a means for secure transmission of data. Without encryption, the internet in its current form would be unable to exist. Not only do user-interactive sites rely on it, but so does the backend of all servers. If all data were transmitted in plaintext, cyber attacks would be easy and constant. A strong encryption standard as well as implementation is necessary if total security and privacy is to be achieved.
Olzak, Tom. “Chapter 7: The Role of Cryptography in Information Security.” InfoSec Resources, InfoSec Institute, 11 June 2012, resources.infosecinstitute.com/role-of-cryptography/.
Savu, Laura. “Cryptography Role in Information Security.” Recent Researches in Communications and IT , www.wseas.us/e-library/conferences/2011/Corfu/CITCOM/CITCOM-04.pdf.