next up previous contents
Next: What types of cryptography Up: Cryptography HowTo Previous: What are some examples   Contents

Why would I want to use cryptography on a daily basis?

There are actually many reasons why you would desire to use cryptography. They fall into three broad categories: protection, privacy, and verification.

Protection
Would you believe that telling a friend where he can download a song off of the web would make you liable for possibly thousands of dollars in a lawsuit? In the USA, it can, and does already. As such, even speaking to your friends about many things can be considered to be breaking a law.

And if you tell your friend how he can copy a DVD to VHS? Forget it, you will owe the movie companies so much it's disgusting.

And if you do any of this via email, it can be tracked by way of government-created devices such as Echelon or Carnivore, which are capable of monitoring all of your Internet traffic. As a result, you can be caught (and held liable for serious money) by emailing to your friends a link to find some music on the web.

The immediate answer to this problem is encryption. If you encrypt all emails which you send to your friends, the government cannot easily read them. This means that you are relatively safe from the monetary harm that some large corporations would like to inflict upon you.

Even though this has a slightly paranoiac sound to it, wouldn't you prefer not to have to worry about it? Encryption gives you that option.

Privacy
When you send information across the Internet, it actually passes through many machines between your machine and the destination. At each of these machines, somebody can stop your information, read it, modify it, or do anything else with it. Isn't this the reason you don't send your credit card numbers over the Internet? Using good cryptography, you can prevent people on these machines from reading your information.

There are groups who wish to monitor, and even block, the material you read every day. While this may have some valid uses, do you really want some faceless government entity deciding what you will be allowed to read? One of the benefits of cryptography is that it allows you to hide what you're reading, so that would-be corporate and government censors can't see it.

A familiar comment at this point is that you should never conduct private business over the Internet, and therefore encryption doesn't matter. Furthermore, if you're not doing anything illegal, why bother to hide what you're doing on the Internet?

My reply is something which has been said time and time again: Why don't people send all of their letters on postcards? Why seal them up with an envelope, and then send them? The answer is simple: Privacy. You don't want people reading your private information. What you do on the Internet should be just as private as what you do by postal mail.

Another reason to encrypt information has recently come to my attention: Some countries have very serious human rights violations. Groups (such as Amnesty International) which are trying to document such violations must work within these countries. If these groups were not able to hide the information they had gleaned while in these countries, they would surely be executed by the governments of those countries.

Now, think how much better their position would be if everybody encrypted their email. The governments would be unable to single out specific encrypted emails to be examined, because everybody's email would be unreadable.

Verification
In addition to keeping information secret, cryptography can also be used to verify that information has not been changed. Just like a signature on a check or contract, cryptography allows people to place a ''digital signature'' on their information, proving that they actually wrote it.

The simplest application of digital signatures is in electronic mail. When computers exchange email messages, they generally do so over public lines. At any point along the way, someone could intercept the message and change it. Also, someone could ''forge'' your name on a message, impersonating you. But a digital signature cannot be forged - so if a message has a valid digital signature, you know that it's really from the person who signed it.

In addition, digital signatures can be used to check whether the original message has been altered in any way. The programs which we mention below know how to do this; you only have to tell them to check it, and they will. As you can see, digital signatures are useful both for protecting you (making sure you're speaking with the person you think you're speaking with), and for protecting the other person (making sure you're actually seeing what that person is saying).


next up previous contents
Next: What types of cryptography Up: Cryptography HowTo Previous: What are some examples   Contents
Greg Wooledge 2000-10-11