Privacy and Encryption
It
only take 3 days now to bread 56 bit DES. Many suggest you
should use 1024 bit RSA or better if you want some level of privacy.
Ever wondered what a web site can find out about you? What will your
computer tell? Visit the Center
for Democracy and Technology and follow the link to the CDT
Privacy Demonstration at the bottom, right of the page. Also, read about
what
is being and can be done to protect privacy and commerce
on the Internet.
Privacy
in cyberspace is in the news! Note that FrontierNet is an
Internet Access Provider, not an on-line service (on-line services keep
more customer information than Internet access providers need to).
Remember that Email is seen by many (just like a postcard, not private)
and can be forged. If you have private communications that must be sent
Email, you should encrypt it with something like PGP. (Remember not
to send your Company's private information from the office via Internet
Email unless it is encrypted.) Pretty
Good Privacy (PGP) has been used for years and
is worth your attention if you wish to use encryption. See the MIT
distribution site for Win95 version and info on PGP, plugins,
and utilities.
The Electronic
Privacy Information Center is a public interest research
center in Washington, D.C.
The Federal
Trade Commission's Online information
section has some good information about privacy on the Internet.
Also see their Site-Seeing
on the Internet.
If you are interested in an
explanation of digital certificates and public key encryption,
here is an example that also describes its possible future for international
certificate use (EDI for example). For those who are interested, certificates
can also be used in the future to authenticate the user of a computer
system. Some states (Georgia and Utah for instance) even have legislation
pending for the use of digital signatures.
A word of caution: Public Key encryption is only as secure
as your Private Key. YOU must ensure the security of your
Private Key! You can't let anyone have access to it or the "pass
phrase" that additionally secures it! Your Pass Phrase should be
a sentence fragment when allowed, or the most complex single password
that you have. Your identity and future will be secured by the physical
security of your Private Key and your Pass Phrase.
