> The key is the algorithm or mathematical formula that encodes the message
> itself. It must be sent to the message recipient so the message can be
> decoded, hence the term key.
> The size of the key, measured in bits, determines how complex the algorithm
> is and how tough the code is to crack. The state of the art for encryption
> technology used exclusively within the United States is 1,024 bits. However,
> the maximum size key that is allowed to be exported is 40 bits.
I think this reporter needs a few more bits.
> Keys come in two flavors: symmetrical, or public key model; and asymmetrical,
> or public key/private key model.
> A symmetrical key uses the same algorithm to encode and decode a message.
> This is the technique used by the public key encryption program Pretty Good
> Privacy (PGP).
Uh oh, I think I see where this is going.... Julie, stop typing for a second...
> PGP assumes what security experts call the peer trust model. That is, the
> sender knows and trusts the receiver and is therefore perfectly comfortable
> sending the key on its way. Herein lies the "pretty good" part of the
> privacy. Although the algorithm itself makes the message difficult to crack,
> the key exchange is only pretty good when compared with other methods.
> On the other hand, the great advantage to PGP is that it creates no key
> management overhead, which is the biggest drawback of asymmetrical keys.
Damn, too late. Ok, don't move -- who knows how far down that chasm goes!
I'll go get a rope...
> RSA uses
> a technology that is actually an adaptation of the decade-old National
> Institute of Standards and Technology's peer-trust Data Encryption Standard
> (DES), still used in many products. DES is a method of grabbing random keys
> for each encryption task, rather than using the same key repeatedly.
and for heaven's sake, stop smoking that!
> Enter the certificate, also called the digital signature.
Oh brother...look, here's the rope. You know what to do. I gotta get
back to my own planet before anyone notices.