skip navigation

PUBLICATIONS

Register for Latest Research

Stay Informed
Register with NCJRS to receive NCJRS's biweekly e-newsletter JUSTINFO and additional periodic emails from NCJRS and the NCJRS federal sponsors that highlight the latest research published or sponsored by the Office of Justice Programs.

NCJRS Abstract

The document referenced below is part of the NCJRS Virtual Library collection. To conduct further searches of the collection, visit the Virtual Library. See the Obtain Documents page for direction on how to access resources online, via mail, through interlibrary loans, or in a local library.

 

NCJ Number: 114157 Find in a Library
Title: Cryptography: Combatting Data Compromise
Journal: Security Management  Volume:32  Issue:10  Dated:(October 1988)  Pages:39-43
Author(s): S Avarne
Date Published: 1988
Page Count: 5
Type: Issue Overview
Format: Article
Language: English
Country: United States of America
Annotation: A properly constructed cryptographic security system can provide effective protection against computer-related crimes.
Abstract: Encryption converts data to an unintelligible form, a cipher. Encryption and decryption usually are accomplished by means of a mathematical algorithm controlled by a key. Ciphers may be symmetric or asymetric, using the same or different keys for the encryption and decryption processes. A technique called message authentication ensures that data cannot be altered without detection through the use of a cryptographic check sum appended to the end of each message or data record. Message authentication also requires a secret key. In addition, cryptographic systems use a dynamic password for user or terminal identification. Before gaining access, the user must respond correctly to a noncompetitive challenge while using a unique secret key and a personal identification number. Because the protection afforded by encryptographic security systems is no greater that the protection given to the keys controlling the process, special key management procedures are required. Keys must be randomly and unpredictably generated, a strict key hierarchy should be observed, keys should be stored securely, procedures are needed for key distribution and deletion, and keys should be changed regularly. Ideally, the security system should be developed with the computer system, and the relative advantages of hardware or software implementation of the encryption algorithm, in-line or peripheral implementation, and the various key management schemes should be considered.
Main Term(s): Encryption
Index Term(s): Computer crime prevention measures; Computer privacy and security; Personnel identification systems
To cite this abstract, use the following link:
http://www.ncjrs.gov/App/publications/abstract.aspx?ID=114157

*A link to the full-text document is provided whenever possible. For documents not available online, a link to the publisher's website is provided. Tell us how you use the NCJRS Library and Abstracts Database - send us your feedback.