IP Communications Featured Articles
Encrypted IP Communications May Be the Answer to Privacy Concerns
July 18, 2013
By Ashok Bindra, TMCnet Contributor
With recent stories of privacy violations, it is clear that your personal information, both online and on telephones, is no longer secure. In fact, with time, eavesdropping techniques have become so good that Internet users and service providers are once again worried about protecting personal information.
In a recent interview with The Times of London, Google’s (News - Alert) chief Internet evangelist Vint Cerf, also a co-developer of the TCP/IP communications protocol, told the English newspaper that “computer scientists should devise an anti-snooping solution for the Web using encrypted communication.” In the interview, Cerf encourages developers to re-examine how some of the Internet’s core security features, such as Internet Protocol Security (IPsec), are designed to enable end-to-end cryptography.
However, it is not as simple or straightforward as it may sound. The Internet Guru stressed on a major problem in implementing encryption to protect data as it navigates the Internet and comes to a computer or storage drive. Given the vastness of the digital world, data is not encrypted most of the time from start to finish. Per Cerf’s explanation, even when it is encrypted during transport, it often must be decrypted at each point and re-encrypted when sent to the next computer. During such transitions, if any computer, server or piece of networking equipment is not fully protected, unencrypted data is readily available to hackers, asserted Cerf.
According to a report by Scientific American magazine, there are several programs available for encrypting data once it is stored on an end device like a PC or a laptop. These programs include Microsoft (News - Alert) BitLocker, Apple FileVault, PGPdisk and TrueCrypt. As per this report, the programs typically create an encrypted volume on the hard drive or encrypt the entire hard drive using a key derived from a password that you type in as part of the start-up process. However, according to Scientific American reporter Larry Greenemeier, “The catch is that users have to actively set up these programs. They don’t run by default, and many people don’t even know these programs exist.”
Paul Kocher, president and chief scientist of Cryptography Research told Greenemeier that Secure Sockets Layer (SSL) protocol offers a good example of how data can be encrypted in transit. Kocher developed the cryptographic protocol SSL to encode communications over TCP/IP networks. It is a two-key cryptographic system. While a public key encrypts data, a private key, known only to the recipient, is used to decode it. Another benefit of SSL protocol is that it can verify whether your computer is communicating with an actual Web site or an imposter set up to steal data or spread malware.
But, there are some limitations to SSL. The security depends on the machines on each end. According to Kocher, if the machines have been infected with a virus or some other malware, decryption keys on those machines can be stolen. “Man in the middle” attacks are another way to intercept messages and then retransmits them, compromising data.
Edited by Blaise McNamee