Cryptography is exceedingly ef?¬?cient in ?¬?nding mathematical
algorithms that can protect the data in a fast and reliable way.
Nonetheless, that entire process is wasted if Alice and Bob are
not using the samealgorithm. Even in the lucky case in which
they both agree to use exactly the same algorithm and we solve
the problem of distributing the keys, we may still not know with
whom we are dealing. Alice may use a key for securing her
communication with Bob, but what guarantees does she have
that it is really Bob she is talking to? From whom did she get that
key? If Eve can somehow smuggle her own key to Alice, pretending
to be Bob, she will be able to decrypt everything that
was encrypted with that key. Sure, the channel is impenetrable
by everyone else, but that will not do any good for poor Alice,
who will be unsuspectingly handling to Eve data such as the
passwords she would have used for Bob??™s website. At that point,
Eve can go to Bob??™s website pretending to be Alice and supporting
her claim by using Alice??™s password. Bob will have no reason
to doubt Eve??™s claim and will grant her all the privileges
actually reserved for Alice. So much for having solved the problem!
The point here is that although cryptography is a cornerstone of
a secure system, there are other factors that are at least as important.
Pages:
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88