Our goal at PushYourRank.com is to define and teach the Internet and Computing. This article post consist of various blurbs from developers, Internet geeks, and Web gurus about "What is Encryption and Authentication?"
Other good articles include "Understanding Authentication, Authorization, and Encryption" by Boston University Information Services and Technology. And Authentication and Encryption on Wiki
Have useful tips or information about the subject matter in this article? Feel free to comment below...
Hope this was helpful,
The PushYourRank Team
Author: Nicholas Coriano
About The Author: Nicholas Coriano is an Entrepreneur, Web Developer, Social Media Marketer, SEO Consultant and the founder of this blog and The NewYorkWebsiteDesignCenter.com. While developing websites for his own businesses and marketing his entrepreneurial ventures online, he began blogging useful tips and "how-to" articles on PushYourRank.com for reference purposes. To retain Nicholas for help with your Website, Social Media, SEO or other online/technology needs, email PushYourRank@Gmail.com
About PushYourRank.com: PushYourRank.com (the Blog) is a blog that helps small businesses, start-ups, developers, amateurs website builders, bloggers and entrepreneurs develop their websites, their social media presence, their search engine optimization techniques and more ....online. The Blog publishes articles about Ecommerce, Email Marketing and How To Make Money Online...as well as any topic that pertains to the Internet or Online. If you need help developing a website, SEO or Social Media outsourcing, see NewYorkWebsiteDesignCenter.com, if you would like to advertise or have us publish an article on a certain subject, please email us at PushYourRank@Gmail.com
We authenticate something to prove to the receiver of the “something” that it actually came from us. We encrypt a message so nobody, including us, can read it. Why do we authenticate or encrypt? We authenticate so that the receiver is assured that what she received came from us and not from an imposter. This “thing” can be an item – a coin or painting for instance, or a piece of information, an email attachment or a speed command to a uranium centrifuge. We encrypt information so that only the intended receiver(s) can understand it. (By: Gunter Fuchs "What is the Difference Between Encryption and Authentication?")
Authentication and encryption are two intertwined technologies that help to insure that your data remains secure. Authentication is the process of insuring that both ends of the connection are in fact who they say they are. This applies not only to the entity trying to access a service (such as an end user) but to the entity providing the service, as well (such as a file server or Web site). Encryption helps to insure that the information within a session is not compromised. This includes not only reading the information within a data stream, but altering it, as well. While authentication and encryption each has its own responsibilities in securing a communication session, maximum protection can only be achieved when the two are combined. For this reason, many security protocols contain both authentication and encryption specifications. (Chapter 9 from Mastering Network Security, published by Sybex, Inc.) (Microsoft)If you are looking for a more geeky or nerdy definition, wiki explains Authenticated encryption as follows:
Authenticated Encryption (AE) is a block cipher mode of operation which simultaneously provides confidentiality, integrity and authenticity assurances on the data. These attributes are provided under single, easy to use programming interface and decryption is combined in single step with integrity validation.
The need for AE emerged from observation that securely compositing a confidentiality mode with an authentication mode could be error prone and difficult. This was confirmed by a number of practical attacks introduced into production protocols and applications by incorrect implementation, or lack of, authentication (including SSL/TLS).
Six different authenticated encryption modes (namely OCB 2.0, Key Wrap, CCM, EAX, Encrypt-then-MAC (EtM), and GCM) have been standardized in ISO/IEC 19772:2009.[4] More were developed in response to NIST solicitation. Sponge functions can be used in duplex mode to provide authenticated encryption.
Other good articles include "Understanding Authentication, Authorization, and Encryption" by Boston University Information Services and Technology. And Authentication and Encryption on Wiki
Have useful tips or information about the subject matter in this article? Feel free to comment below...
Hope this was helpful,
The PushYourRank Team
Author: Nicholas Coriano
About The Author: Nicholas Coriano is an Entrepreneur, Web Developer, Social Media Marketer, SEO Consultant and the founder of this blog and The NewYorkWebsiteDesignCenter.com. While developing websites for his own businesses and marketing his entrepreneurial ventures online, he began blogging useful tips and "how-to" articles on PushYourRank.com for reference purposes. To retain Nicholas for help with your Website, Social Media, SEO or other online/technology needs, email PushYourRank@Gmail.com
About PushYourRank.com: PushYourRank.com (the Blog) is a blog that helps small businesses, start-ups, developers, amateurs website builders, bloggers and entrepreneurs develop their websites, their social media presence, their search engine optimization techniques and more ....online. The Blog publishes articles about Ecommerce, Email Marketing and How To Make Money Online...as well as any topic that pertains to the Internet or Online. If you need help developing a website, SEO or Social Media outsourcing, see NewYorkWebsiteDesignCenter.com, if you would like to advertise or have us publish an article on a certain subject, please email us at PushYourRank@Gmail.com