Cryptography Essay Example | Topics and Well Written Essays - 1000 words

Cryptography - Essay Example My organisation is not an exception to this rule and conversations with the IT department head affirmed the use of cryptographic technologies, even as it established that they were hardly a foolproof defence against unauthorised access. Cryptography is used for the protection of all data stored on the organisation's networks and servers. As explained by Juels (2003) cryptography involves the encryption of data or their rendition into secret, indecipherable code, for the explicit prevention of their interpretation and use if they are accessed without the proper authorization. Not only is it integral for the protection of company-related data but, within the context of e-business and e-commerce, imperative for the concealment of information relating to customer payment transactions and credit card details. The purpose of encryption, as defined in the preceding paragraph, is the protection of data as it is transmitted across networks. As Oliva et al. (2004) explain, when data is being transmitted across networks, it runs the risk of being intercepted or captured by a third party. If it is encrypted, however, not only is the risk of interception substantially reduced but, more importantly, if intercepted, the deciphering of the data in question is extremely difficult. In other words, if data transmitted over networks is intercepted, the fact that it is encrypted protects it both against tampering and modification, and its subsequent exploitation by the interceptor. Accordingly, and as Matsuura (2006) confirms, the imperatives of exploiting data encryption techniques are inarguable and that any organisation which fails to do so is, to all intents and purposes, acting both irresponsibly and carelessly. The IT department director confirmed the use of data encryption technologies. As he noted, whether as regards data stored on the organisation's networks or those transmitted across networks, all are encrypted. The decryption of data was initially enabled through passwords but, a number of incidents proved this an unreliable decryption method. As the IT director noted, while many security systems are designed in such a way that the entire security of the website depends upon secret passwords, the fact is that the password system is riddled with shortcomings. The first deficiency the password system has is that it requires precise recollection of secret information. If the user makes the smallest of errors when entering that secret information, authentication fails. Unfortunately, however, precise recall is not a strong human characteristic and this fact immediately conflicts with the requirements of password-secured systems. As a means of bypassing this limitation, people tend to pick and use very simple passwords which can easily be broken by password cracker programmes. Even when people bear in mind the dangers that such programs pose to the security of their passwords, they make the popular mistake of writing their passwords down and hiding them in an easily locatable place by their computer. Those sites which force users to periodically change their passwords for added security have not succeeded in resolving these problems but, rather, increased the need of people to write down their passwords. Additionally, as the number of