Encryption types methods [Ecommerce]
- Cryptography: Uses algorithms to produce ciphertext
- Data Encryption Standard: Used to ensure fast, secure encryption
- One-way encryption: Used to encrypt information permanently
- Public-key encryption: Uses two mathematically related keys
- Private-key encryption: Uses a single key to encrypt and decrypt messages
- Cryptographic strength: Used to ensure the difficulty of inverting (or solving) the algorithm
ecommerce transactions
ecommerce transactions take place in an open environment that cannot be trusted since the network is highly vulnerable to
outside security threats. This network can be made secure with the help of cryptography. Implementing cryptography can hide content
of electronic transactions, detect changes in electronic transactions and confirm the source of electronic transactions.
Cryptography can be applied through encryption and digital signatures. Cryptography is an effective method of securing E-Commerce
transactions that take place over the Internet.
Secure Sockets Layer (SSL) is a commonly used protocol used to encrypt messages between web browsers and web servers. It encrypts
the datagrams of the Transport Layer protocols. SSL is also widely used by merchants to protect the consumer’s information
during transmission, such as credit card numbers and other sensitive information.
SSL is used to provide security and data integrity over the Internet and thus plays an important role. SSL has now become part of
Transport Layer Security (TLS), which is an overall security protocol.
Transport Layer Security (TLS) is a protocol that is used for securing the communications among the applications and their users on
the Internet. During the communication between the server and the client, the Transport Layer Security ensures that no message
is tampered with and that no third party is able to eavesdrop. TLS consists of two layers:
1) TLS Record Protocol and 2) TLS Handshake Protocol.
TLS Record Protocol provides connection security. TLS Handshake Protocol allows the authentication of server and the
client, and the negotiation of an encryption algorithm and cryptographic keys, before the exchange of data.