Security


Privacy and Integrity Mechanisms in Windows 2000 Server

Windows 2000 Server supports three major privacy and integrity protocols: Secure Sockets Layer (SSL), Transport Layer Security (TLS), and IP Security (IPSec). Data privacy is provided through encryption; data integrity is provided through keyed hashes (message authentication codes) or digital signatures, which these protocols combine with encryption so that tampering with the ciphertext is detected rather than silently decrypted.

A Brief Overview of Public and Symmetric Key Cryptography

Cryptography is a set of standards and protocols for encoding data and messages, so that they can be stored and transmitted securely. The following introduces the basic terminology of cryptography and explains some of the common methods used.

  • Cryptography allows you to achieve secure communications, even when the transmission medium (for example, the Internet) is untrustworthy. You can also use it to encrypt your sensitive files, so that an intruder cannot understand them.
  • Cryptography can be used to ensure data integrity as well as to maintain secrecy.
  • Cryptography makes it possible to verify the origin of data and messages, by using digital signatures and certificates.
  • When you use cryptographic methods, the cryptographic keys must remain secret. The algorithms, key sizes, and file formats can be made public without compromising security.

The two fundamental operations of cryptography are encryption and decryption. Encryption involves scrambling the data in such a way that it becomes infeasible to deduce the original information, unless you have access to the appropriate key. Decryption is the reverse process—scrambled data is turned into the original text by using a key.

In order to encrypt and decrypt, you need an encryption algorithm and a key. Many encryption algorithms exist, including Data Encryption Standard (DES), Rivest-Shamir-Adleman (RSA) encryption, RC2, and RC5. A key is used in conjunction with the algorithm to convert the plaintext (readable by humans) into ciphertext (scrambled, unreadable by humans).

DES, RC2, and RC5 are known as symmetric key technology because the key used to encrypt the data is the same one used to decrypt it. Hence the key must be a shared secret between the party encrypting the data and the party decrypting it. You can use public key technology to pass the key securely to the other party.

RSA is known as public key, or asymmetric, technology, because two keys are used: a public and a private key. The keys are mathematically related, but it is infeasible to deduce the private key from the public key. The private key is kept private—only the party generating the key pair should have access to it. The public key can be freely shared over an insecure medium such as the Internet.

With public key systems, there is no shared secret between the two parties. If the public key is used to encrypt the data, then only the private key can decrypt it. Similarly, if the private key is used to encrypt the data, then only the public key can decrypt it; this second direction is the basis of digital signatures, because anyone holding the public key can check that the data was produced by the holder of the private key. The following scenario provides a simple example of how public keys are used.

A Public Key Scenario

In this scenario, Alice wants to send Bob a message, but she wants to make sure only Bob can read it. To do this, the following steps are performed:

  • Alice gets a copy of Bob’s public key, possibly from the directory, a Web site, or an e-mail message.
  • She uses this key to encrypt the data.
  • She sends the encrypted data to Bob. Because the data was encrypted using his public key, only his private key can be used to decrypt it.

Bob uses his private key to decrypt the data, and reads Alice’s message.
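The following is an added example written for this page, not code from the original document or from Windows 2000. It walks through the Alice-and-Bob scenario above with textbook RSA built from two fixed primes, and it also shows the two points made earlier: public key technology is used to pass a symmetric key securely (the message itself is encrypted with a symmetric keystream, and only the short symmetric key is encrypted with Bob's public key), and encrypting with the private key so that only the public key can decrypt it is how a signature works. The primes, the message, the SHA-256 counter-mode keystream (standing in for DES, RC2, or RC5), and the absence of padding are all assumptions made to keep the example self-contained; real systems use large random primes and padded RSA (PKCS #1 / OAEP / PSS), not raw modular exponentiation.

```python
"""Alice sends Bob a message using Bob's public key (added demo, textbook RSA).

Textbook RSA with no padding: fine for illustrating the math, not for use.
"""
import hashlib
import secrets
from math import gcd

# Constructed example primes (Mersenne primes); real keys use large random primes.
BOB_P, BOB_Q = 2**61 - 1, 2**89 - 1
ALICE_P, ALICE_Q = 2**107 - 1, 2**127 - 1


def generate_keypair(p, q, e=65537):
    """Return ((n, e), (n, d)): the public key and the private key."""
    n = p * q
    phi = (p - 1) * (q - 1)
    assert gcd(e, phi) == 1, "e must be invertible modulo phi(n)"
    d = pow(e, -1, phi)          # modular inverse; Python 3.8+
    return (n, e), (n, d)


def rsa_encrypt(public_key, m):
    """Encrypt integer m with the public key: only the private key can undo this."""
    n, e = public_key
    assert 0 <= m < n, "message block must be smaller than the modulus"
    return pow(m, e, n)


def rsa_decrypt(private_key, c):
    """Decrypt integer c with the private key."""
    n, d = private_key
    return pow(c, d, n)


def keystream_xor(key, data):
    """Toy symmetric cipher: XOR data with a SHA-256 counter-mode keystream.

    Stand-in for DES/RC2/RC5 in the text; same key encrypts and decrypts.
    """
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def _key_bytes(key_int, n):
    return key_int.to_bytes((n.bit_length() + 7) // 8, "big")


def alice_sends(bob_public_key, message):
    """Steps 1-3 of the scenario: encrypt with Bob's public key and send.

    Hybrid form: a fresh random symmetric key encrypts the message, and that
    key (a single RSA block) is what gets encrypted with Bob's public key.
    """
    n, _ = bob_public_key
    sym_key = secrets.randbelow(n - 1) + 1          # random key in [1, n-1]
    ciphertext = keystream_xor(_key_bytes(sym_key, n), message)
    wrapped_key = rsa_encrypt(bob_public_key, sym_key)
    return wrapped_key, ciphertext


def bob_receives(bob_private_key, wrapped_key, ciphertext):
    """Bob unwraps the symmetric key with his private key, then decrypts.

    Anyone else (a different private key) recovers a wrong symmetric key and
    therefore garbage, which is the point of the scenario.
    """
    n, _ = bob_private_key
    sym_key = rsa_decrypt(bob_private_key, wrapped_key)
    return keystream_xor(_key_bytes(sym_key, n), ciphertext)


def sign(private_key, message):
    """'Encrypt with the private key': sign a hash of the message."""
    n, d = private_key
    h = int.from_bytes(hashlib.sha256(message).digest(), "big") % n
    return pow(h, d, n)


def verify(public_key, message, signature):
    """'Decrypt with the public key' and compare against the message hash."""
    n, e = public_key
    h = int.from_bytes(hashlib.sha256(message).digest(), "big") % n
    return pow(signature, e, n) == h


if __name__ == "__main__":
    bob_pub, bob_priv = generate_keypair(BOB_P, BOB_Q)
    alice_pub, alice_priv = generate_keypair(ALICE_P, ALICE_Q)
    msg = b"Meet at noon"                          # constructed sample message
    wrapped, ct = alice_sends(bob_pub, msg)
    print("Bob reads:", bob_receives(bob_priv, wrapped, ct))
    print("Alice's key reads:", bob_receives(alice_priv, wrapped, ct))
    sig = sign(alice_priv, msg)
    print("signature valid:", verify(alice_pub, msg, sig))
    print("altered message valid:", verify(alice_pub, b"Meet at one", sig))
```

Running the script shows the scenario end to end: Bob's private key recovers the message, Alice's own private key applied to the same wrapped key yields garbage, and the signature verifies only against the original message and Alice's public key.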

© 1997-1999 Microsoft Corporation. All rights reserved.