Chapter 8: Cryptography

Exercises

1.) Go to a popular online e-commerce site like Amazon.com Place several items in your shopping cart, and then go to check out. When you reach the screen that asks for you credit card number, right-click on the Web browser and select “properties”. What can you find out about the cryptosystems and protocols in use to protect this transaction?

            When I went to Amazon.com and added a few items to the cart and checked the properties on the web browser was using HTP and had high encryption to protect my information. I know Amazon is a large company, so it makes sense that they use high encryption to protect their customers.

2.) Repeat Exercise 1 on a different Web site. Does this site use the same or different protocols? Describe them.

            The second Web site I went to was GameStop.com, they are almost identical to what Amazon.com uses, I wasn’t able to find any differences with their site since GameStop is a major corporation they also use HTP with high encryption to protect their guests.

Discussion Questions

1.)    Was Charlie exaggerating when he gave Peter an estimate for the time required to crack the encryption key using a brute force attack?

Charlie was exaggerating when he said in a hundred trillion years, it clearly wouldn’t take that long, but it would take some time to crack and encryption key using brute force. I’m sure it was some sort of sarcasm when Charlie was talking to Peter.

2.)    Are there any tools that someone like Peter could use safely, other than a PKI-based system that implements key recovery, to avoid losing his passphrase?

There are other tools that Peter could use to avoid losing his passphrase but PKI-based systems are the best for this since it has the key recovery. There are plenty of apps or programs that can securely hold passphrases and other information.

Ethical Decision Making

1.)    Would the use of such a tool be an ethical violation on Charlie’s part? Is it illegal?

I think that it is unethical without telling Peter or anyone else, but I don’t think it was illegal since Charlie was hired by their company. Yet again with downloading information that is sensitive or private can raise some ethical questions when he would be able to view all of that.

2.)    Is such a “Little white lie” an ethical action on Charlie’s part?

Yes, that little white lie can be deceiving for Peter and the others if Charlie is doing things without anyone knowledge or permission. It would be better if he checked with Peter or anyone else and let them know that he is using key loggers or other programs to get their passphrases and keys.