A Appendix A. Basic cryptography Cryptography has more uses than ensuring privacy through encrypting a message. Other uses for cryptography are to provide message integrity through the use of encrypted message hashes, and non-repudiation so that a sender cannot deny having sent a particular message. To ensure privacy, integrity, and non-repudiation in non-secure networks, cryptographic procedures need to be used. Today, two distinct classes of cryptographic algorithms are in use: Secret key (or symmetric key) Public key (or asymmetric key) They are fundamentally different in how they work, and thus in where they are used. These are the basic building blocks for securing transactions over the Internet or other untrusted network. We discusses the following topics in this appendix. Section "Potential problems with electronic message exchange" on page 804 "Secret key cryptography" on page 808 "Public key cryptography" on page 810 "Performance issues of cryptosystems" on page 816 "Message integrity" on page 816 Topic An example to illustrate the security issues with electronic message exchanges. The basic concepts surrounding secret keys and the algorithms used for those keys. The basic concepts surrounding public keys where public and private keys are used, and also digital certificates and their role in the secure use of public key cryptography. Performance concerns when using cryptography How cryptography can aid in asserting message integrity (ensuring a message has not been altered in transit). How digital signatures can prove that the message sender actually sent the message © Copyright IBM Corp. 2012. All rights reserved. 803