Ars Technica - Google's Adam Langley feels that encryption is now so cheap that it should be applied to all web traffic. So from now on, please type HTTPS instead of HTTP in all of your URLs.
Oh wait, that's not what Langley had in mind. Actually, he suggests that encryption should activate opportunistically without user intervention. And without having to wait for additional network packets. Opportunistic encryption means getting encryption where you can—without first exchanging encryption keys or building a large public key infrastructure (PKI).
Traditional encryption mechanisms such as DES, RC4, or AES use the same key for encryption and decryption. They work extremely well if the two ends agree on a key beforehand—a requirement that can be impractical. Public key cryptography such as RSA uses a public key for encryption and a private key for decryption, solving the key exchange problem, but it requires authentication. It only works if you know you're using the right public key; otherwise, you're vulnerable to a man-in-the-middle attack.