Cryptographic Protection that Does Not Hide Your Information

Does this sound like a contradiction in terms? If your idea of cryptography is all about keeping confidential information hidden from prying eyes, then the idea of applying it to information that is then consumable by others may seem strange, to say the least. However, this is a major function of cryptography too. It makes it very difficult to change information without such a change being easily detected. Practical examples of application include secure transfer of funds: for example, you wouldn’t want anybody to add an extra zero at the end of that payment you just made. Business applications of cryptography in this sense can go much further too.

Besides the authentication mechanisms used by banks, cryptography has become more widely used for the electronic signing of documents. Whereas forging somebody’s written signature is relatively easy (just watch old “Mission Impossible” episodes to see how!), faking a cryptographically protected electronic signature is a different kettle of fish. Moreover, practical, affordable solutions also exist for making electronic signing a reality. Even governments have got in on the act by allowing taxpayers to declare online and to digitally sign their declaration – proof indeed that this kind of cryptographic protection is now mainstream.

For enterprises and organisations in general, cryptography applied to electronic signing can be applied in a host of different ways. Any kind of contract or agreement, including sales contracts, service level agreements and non-disclosure agreements, can benefit. So can critical test reports and certifications. In each case, the signature becomes unforgeable (even the smallest change completely alters the cryptographic version) and irrefutable. Only those qualified to sign a contract can do so, and signees cannot back out of a contract on the grounds of a falsified signature. So while cryptography still helps protect other information by making it undecipherable, it also helps authenticate transactions and agreements, with both these roles often being of business-critical importance.