CHAPTER 7/NEWLY DEVELOPED TELECOMMUNICATION SERVICES  77
        merchant. When the customer is verified as a customer in good standing with the
        credit card companies  and can pay for the purchase, the company sends the  mer-
        chant a message  that the purchase is allowable. If the customer is found  not to be
        a customer in good standing, the company  sends the merchant a message that the
        purchase is not authorized. This  procedure  enables  the company to see only  the
        payment information but not the purchase order.


        7.9.3  Encryption

        Encryption is highly important for protecting information from all kinds of attacks
        while information is being transmitted over the network, such as illegal access by
        hackers, wiretaps, or dishonest users. Encryption is the only practical way to trans-
        mit information  securely. Encryption  scrambles the information  so it  cannot  be
        read by anyone who lacks the key. Encryption and decryption  are done by means
        of a key and a key algorithm.  By means of the key and the key algorithm,  a source
        scrambles information before transmitting the scrambled data over the network. At
        the destination,  the data is unscrambled  with a key to produce the original data.
            There  are two types  of encryption  and decryption  methods:  symmetric key
        encryption and asymmetric (public) key encryption. Typical encryption and de-cry-
        ption are described next.

        7.9.3.1 Symmetric  Key Encryption  Algorithm
        With symmetric key encryption, the source text is encrypted by means of a sym-
        metric  key and the  scrambled  text  sent  to  its  destination  over  the Internet.  The
        scrambled text is decrypted  into the  original  text by  means of the  same key. To
        accomplish this, the key and the encryption  and decryption algorithms  have to be
        shared between the source and its destination.  Until recently, this was the widely
        used method of encryption. With symmetric key encryption, the source and the des-
        tination share a common key. The common key is secret, but the algorithm that en-
        crypts and decrypts is not.

            •  Data Encryption  Standard  (DBS):  Data Encryption  Standard (DES), one of
        the usual symmetric key encryption methods,  is a modification of the best  of the
        symmetric  key  methods  proposed  by  the  National  Institute  of  Standards  and
        Technology  (NIST). Its symmetric key is 56 bits long. When text is encrypted, it
        is broken into components,  each 64 bits  long. Every component is scrambled  by
        means of the symmetric key, after which all of the scrambled text is sent to its des-
        tination over the Internet. At the destination,  the  scrambled  text is decrypted by
        means of the same key to produce the original text.
            •  Improved  Data Encryption  Algorithm (IDEA):  The improved data encryp-
        tion  algorithm  (IDEA)  was  invented  by  James  Massey  and  Xuejia  Lai  of
        Switzerland in the  1990s.  It is said to be faster  and more resistant to hacker attack
        than DES. However, it has not yet been proved better than  DES.