In this cyber world,we do all the business,transaction like bill payment of the mobile,money transfer from one account to other and so many other works.But the question is that how safe is this transaction process.
Now-a-days anyone can buy a pair of small electronic devices that encrypt data sent between two computers across telephone lines. However, Computer A can only understand data sent by Computer B if both of these special devices share the same key. The first device uses the key to encrypt the data using the shared, secret key, while the second device uses that same key to decrypt the information, making it readable to the recipient. Now comes an interesting question: When your browser encrypts and decrypts data that it shares with a Web site, where does this secret key come from? If you've bought things over the Internet, you may have noticed the "https:" prefix and seen other indications that the browser was using its security features, though you wouldn't have noticed anything about sharing a secret key. If the Web browser's SSL software simply sent a secret key to the Web site, then eavesdroppers could intercept it and use it to decrypt your encrypted messages. So how does the browser solve this problem?
The answer is public-key cryptography, arguably the most important cryptographic innovation of the past 30 years. Public-key cryptography provides a safe and easy way for the SSL software to share a secret key between your browser and a Web site you visit. As with conventional encryption, the process uses public-key algorithms and separate keys to operate them. However, public-key algorithms work with two different keys, a public key and a private key. The public key can be distributed publicly, but the private key is always kept secret by its owner: an Internet site or a person. Anything encrypted with the public key can only be decrypted by the private key. This allows people to use a public key to encrypt a message that nobody can read except the owner of the corresponding private key.
SSL uses both public-key encryption and conventional secret-key encryption to achieve the best balance of speed, safety, and convenience. Say you're buying a book over the Internet from Amazon.com. First, the latter sends its public key to your browser. Next, your browser picks a secret key at random and uses Amazon.com's public key to encrypt it. SSL sends this encrypted secret key back to Amazon.com, which decrypts it. Once this exchange is complete, SSL uses the shared secret key to encrypt Web data sent between your browser and Amazon.com.
This strategy allows SSL to make the best use of public-key encryption without tripping over any of its mathematical limitations. Secret-key algorithms are much faster and can transmit lots of data more safely than public-key algorithms. Best of all, people using Web browsers don't have to bother themselves with encryption keys, either secret or public. The entire process sets up a safe and private connection automatically.
