Human beings are always suspicious. When you send a message to someone, you always suspect that someone else will intercept it and read it or modify it before re-sending. And this suspicion or doubt is not at all baseless. This is because, human beings are also nosy. There is always a desire to know about a secret message being sent/received between two parties—with or without any financial or political gains. It is no wonder that the desire to send a message to someone such that nobody else can interpret is as old as human history.

However, historical records available of this method (cryptography) date back to 2000 B.C. in Egypt, where hieroglyphics were used to decorate the tombs of dead rulers and kings. These hieroglyphics narrated a story of the life of the king and talked about the great acts of his life. They were deliberately cryptic, but not intended to hide the text. As time went by, these writings became more and more complicated and therefore, difficult to write as well as understand. Eventually, the practice died out. In fact, for some period in history, cryptography was regarded as mysterious and a black art. It had developed a bad image. Chinese (e.g. Genghis Khan) did not use cryptography very much. However, it was widespread and quite advanced in India where the government used it to communicate with the spies. The famous Greek drama, ‘Iliad’ refers the usage of cryptography which was used when Bellerophon was sent to the king with a secret tablet.

Polybius in Greece had developed a good method (now called, "Polybius Square") for cryptography. Julius Caesar used another method called as, ‘Caesar Cipher’. Leon Battista Alberti is known as, ‘the father of Western Cryptography’ in part, because of his development of polyalphabetic substitution. The father of American Cryptography is James Lovell. He was loyal to the colonies, and solved many British ciphers, some of which led to the Revolutionary victories. In fact, one of the messages that he deciphered set the stage for the final victory of the war. Later, the ‘Wheel Cipher’ was invented by Thomas Jefferson around 1795.

Although cryptography was employed during World War-I, two of the more notable machines were employed during World War-II : The German Enigma Machine, developed by Arthur Scherbius and the Japanese Purple Machine, developed using techniques first discovered by Herbert O. Yardley. In fact, wars have advanced the science of cryptography beyond imagination.

In the 1970s, Dr. Horst Feistel established the precursor to what we today call as Data Encryption Standard (DES). He came up with the, ‘family’ of Ciphers, called ‘Feistel Ciphers’, while working at IBM’s Watson Research Laboratory. In 1976, the National Security Agency (NSA) worked with Feistel Cipher to establish FIPS PUB-46 known today as DES. Today, triple-DES is the security standard used by US Financial Institutions. Also in 1976, two contemporaries of Feistel, Whitefield Diffie and Matin Hellman first introduced the idea of Public Key Cryptography (PKC) in a publication entitled, "New Directions in Cryptography".

DES was based on symmetric key cryptography. In this method, the same key was used for encryption and decryption. Therefore, both the sender and the receiver had to know and agree about the key in advance. This posed a serious problem in the Internet world where many users were expected to send/receive messages to/from a server in a secure fashion. How should the keys for each pair be determined, exchanged and kept a secret?

RSA solved this problem by designing a key pair: one for encryption and the other for decryption. In fact, if a message is encrypted by one key, only the other key in a pair can decrypt it. The concept was based on the idea that it is virtually impossible to factor the product of two very large prime numbers (e.g. with 100 or more digits each). In RSA, two very large prime numbers can be used as a key pair: one as a public key and the other one as a private key. In fact, the entire security infrastructure was built on the Public Key Cryptography (PKC) concept and was called as Public Key Infrastructure (PKI).

RSA was designed by Rivest, Shamir and Adleman. They posed a challenge and declared a reward of $100 for anyone who would decrypt the message, which they had encrypted. This was published in 1997 by Martin Gardner in, "Scientific American" in a widely read column, "Mathematical Games" which he edited. It was estimated that using very powerful computers available at that time, it would take about 40 quadrillion years to decrypt this message!! Later in 1978, RSA formally introduced the PKC System.

With the growth of Internet, the need for secure data transmission increased manyfolds. In fact, it became a pre-condition to the usage of Internet for business transactions. In 2002 alone, Security related frauds cost businesses about 6 billion US Dollars. Security, therefore, is a major concern in the Internet world—especially for the financial transactions.

It is on this backdrop that the current text is extremely important. It is virtually impossible to architect a web-based software system without taking into account the security concerns. This book is, therefore, quite timely. There are a few books available in the market on the same topic, but, in my opinion, the current text stands out due to its simplicity. The book can be understood by virtually anybody who has some fundamental understanding of computing environments. The language is lucid and the book has a number of diagrams to enhance the comprehension. Interestingly, despite its simplicity, it does not lose its rigor and depth. Therefore, I find that this book will be of tremendous value not only to the students who can use it as a text but also for software managers and software architects who can use it as a reference guide.

I have been lucky enough to have co-authored a book called, ‘Web Technologies’ with Atul. I think he is one of the most intelligent, systematic and thorough individuals whom I have met in my career. Despite his technical excellence, he is quite unassuming which I value the most. Interestingly, he has many other interests than just technology, music and cricket being some of them. He is regarded as an authentic cricket statistician. And above all, I find him extremely humane which I think, makes him one of the finest human beings in the ultimate analysis.

It has been a great pleasure knowing him and working with him. I wish him all the very best in his future endeavours.

Achyut S Godbole
CEO – Apar Technologies, Mumbai
(Author of Operating Systems, 2E, Data Communications and Networks,
and Web Technologies, all published by Tata McGraw-Hill)