Dr Vijay Pithadia
Information and communication technologies are rapidly re-engineering the world. These technologies encompass the range of products and services which supply and manipulate information. With the introduction of E-commerce (Electronics Commerce) lot of personal information will be available on the internet, such credit card numbers preferences about the choice of the product, Transaction Data, Medical and Insurance Records, Personal files and even data kept on their personal computers. At the same time organizations on the internet including Corporations, Government, Universities and other nonprofit institutions have a worry that competitors or unauthorized persons may enter their systems and engage in fraudulent financial transactions, manipulate records or sabotage computers themselves etc. In the age of e-commerce data security and privacy have been important issues. The quest to establish trust in emerging system and assurance the protection of personal privacy also Cryptography technology and process used to encode (encrypt) and Subsequently to decode (decrypt) information to prevent its being read by unauthorized party. In the other word cryptography is one form or another has probably been practiced ever since man has communicated his thoughts in speech or writings.
It is also called as science of secret communication. As the internet and particularly Electronic commerce becomes a reality and vastly increasing volumes of information. E.g. exchanging payment data and other sensitive information are exchanged among users over global telecommunication networks. The customers demand for cryptography solutions to the security needs is developing rapidly. It may true that as the world as becoming more and more complicated, successful running of a business lies in the quick adoption of growing technologies.
Basics of E-Commerce:
There is a shift towards client server computing for the dynamic client customer service organization. Software is processed not only in a host but wherever it makes more sense. In the E-Product scenario the innovation of E-Product like computer E typewriter (with memory) Fax, Calculators, Optical Printer, E watches, Wireless Sound, Pager etc, has proved a human being.
Basics of Cryptography:
Cryptography is the science and art of secret witting keeping information secret. As a concept Cryptography goes back several thousand years arguably to Egyptian and certainly too ancient India and Greece wherever in both cases it was used for communication with spices. In the age of electronics commerce, encryption is also becoming an active concern for individual customer reluctant to put credit card numbers and other personal information on line without assurance that their data can’t captured by other party. Encryption is basically a process in which a massage called plain text is transferred into another massage called a cipher text using a mathematical functions and a special encryption password called the key, while decryption is a reverse process.
Encryption have few elements such as Encryption algorithm, Encryption keys, key Length, Plain text, Cipher Text, Massage Digits, Digital Signature, and Integrity as well as advantages like it can protect information while it is a in transmit from one computer system to another secondly it can be used to data and detect accidental or an international alteration in the data and thirdly used to verify author of a document. Despite these advantages encryption has its limits i.e.it can’t prevent an attacker from deleting the data altogether.
Encryption Standard and Export Control:
There are various types of encryption systems existing. Out of the most widely used encryption system is the data encryption standard (DES) which is the developed in the 1970s and patented by researchers at IBM. Since 1977 the system has been periodically reviewed and reaffirmed (most recently in Dec.1993 Until 1998). It has also been adopted as an American National standard. The DES is basically a bit Permutation, Substitution and a recombination function performed on blacks of 64 bits of keys (Eight 7 bit characters). The 64 bits of input are permuted initially and then input to a function using static tables of permutations and substitutions. The DES is heavily used in many financial and communication exchanges. Many vendors make DES chips that can encode or decode information fast enough to be used in data encrypting modems or network interfaces. Cryptographic devices and technical data relating them are subject to US Government. Some export of cryptographic modules implementing DES standard while other export of cryptographic modules implementing DES standard and technical data regarding them fall under the US Department of commerce and is responsible for licensing cryptographic devices used for authentication, access control, automatic teller Machines(ATMs) and certain devices used in other equipment and software.
The guiding information technology associations in Canada, Europe, Japan and US have jointly identified data security and privacy as one of the key principals on which the global information infrastructure (GII) must be built. Group of 7 countries (i.e.
Canada, France, Germany, Italy, Japan, United Kingdom and United States).They did so in a paper implementation of GII necessarily use of cryptography technology.
The organization for economic cooperation and development has given set of guidelines for cryptography policy. Few points of them are:
(1) Trust in cryptographic methods
(2) Choice of cryptographic methods
(3) Market driven developments of cryptographic methods
(4) Protection of privacy and personal data
(5) Standard for cryptographic methods
(7) International cooperation and lawful access.
Although, the guidelines very in scope most OECD members have adopted these guidelines.
US Government Guidelines:
US Government has developed a draft policy paper for global electronic commerce “A framework for global electronic commerce defying strategy to help accelerate the growth of global commerce across the internet”. As a part of that paper
government has recently taken initiative to permit companies to export encryption products using 56 bit Data Encryption Standard (DES) for next two years provided such companies commit, built and market products that protect public safety as well as national safety. The Government, Industry, Consumer Groups, Civil liberty groups and the media around the world feel that it is the time to reform public and cryptography. US
The cryptography scenario in the country is in the primary stage. Few organizations are engaged exclusively for the development of cryptography techniques, protocols and the products. Customized cryptographic products have been designed and produced. Development of telecommunication does not permit the encrypted signals on their network and this one of the reason that this area has not come up well in the country. Secondly the cryptographic products world wide is licensed items and license to the higher key length and more than 56 bits. Indian industry largely produces PCs and therefore the cryptographic products has been limited to the complete knowledge in this regard is not easily available.
 Crypto law survey http://cwis.kub.nl/-frw/people/cls2.htm
 Cryptography’s role in securing the information society http://jya.com/mc.index.htm
 Cryptography policy guidelines http://www.oecd.org/dsti/iccp/crypto-e.htm/
 Export administration regulations (EAR) http://jya.com/eartoc.htm
 European cryptography http://www.modeemi.cs.tut.fi/-avs/ed-crypto.htm
 Giram S.J. “Impact of E-Commerce and Internet on Accounting, education, practice and research “University News 37(51) Dec.20, 1999 p.16
 Laurence D.S. “cryptography”
publication Inc. New York, 1955, P.16 Dover