Specifications
To create the protected directory whose authentication prompt is shown in Figure 13.2, we
used Apache’s most basic type of authentication. (You’ll see how to use this in the next chap-
ter.) This encrypts passwords before storing them. We created a user with the password
password. This was encrypted and stored as aWDuA3X3H.mc2. You can see that the plain text
and ciphertext bear no obvious resemblance to each other.
This particular encryption method is not reversible. Many passwords are stored using a one-
way encryption algorithm. In order to see whether an attempt at entering a password is correct,
we do not need to decrypt the stored password. We can instead encrypt the attempt and com-
pare that to the stored version.
Many, but not all encryption processes can be reversed. The reverse process is called decryp-
tion. Figure 13.4 shows a two-way encryption process.
E-commerce and Security
P
ART III
294
Plain
Text
Cipher
Text
Key
Encryption
Algorithm
Plain
Text
Decryption
Algorithm
FIGURE 13.4
Encryption takes plain text and transforms it into seemingly random ciphertext. Decryption takes the ciphertext and
transforms it back into plain text.
Cryptography is nearly 4000 years old, but came of age in World War II. Its growth since then
has followed a similar pattern to the adoption of computer networks, initially only being used
by military and finance corporations, being more widely used by companies starting in the
1970s, and becoming ubiquitous in the 1990s. In the last few years, encryption has gone from
a concept that ordinary people only saw in World War II movies and spy thrillers to something
that they read about in newspapers and use every time they purchase something with their Web
browsers.
Many different encryption algorithms are available. Some, like DES, use a secret or private
key; some, like RSA, use a public key and a separate private key.
Private Key Encryption
Private key encryption relies on authorized people knowing or having access to a key. This key
must be kept secret. If the key falls into the wrong hands, unauthorized people can also read
17 7842 CH13 3/6/01 3:36 PM Page 294