Often, much attention is given to the algorithm, and little paid to the key. In fact, just as with login passwords, cryptographic systems are only as secure as their keys, making key management a critical and oft neglected concern. Certificates have emerged as a clever way of managing large scale key distribution.
RSA Laboratory's Cryptography FAQ is an excellent reference source on cryptography.
It's become clear in recent years that strong cryptographic protection is essential to any computer security system. Whether it be protecting login passwords from packet sniffers, defeating trojan horse attacks, or ensuring that a user's files are unreadable even if a hard drive is stolen, cryptography is a critical component in a secure computer architecture. Many of the widely publicized breakins and attacks could have been prevented if stronger cryptographic controls were in place.
For example, Jon Boone's proposal for Integrity Checked Linux would augment the Linux kernel to require every privileged program to pass a cryptographic check before it would be allowed to execute. Since the check would be made using a public key system, and the private key used to sign the programs could be stored off-line, this would immediately defeat any attempt by a hacker to modify system binaries. A similar idea is used by Tripwire, though without kernel support it is both more portable and more vulnerable.
There's been a serious stumbling block in the way of these efforts, though. Adding cryptography to the Linux kernel (or any other piece of software) would make it export-controlled, and that's not a step Linus Torvalds has been willing to take. In fact, the U.S. Federal Government's insistence on restricting the distribution of cryptographic software has probably been one of the biggest barriers to improved computer security.
In recent years, there have been signs of improvement. The U.S. government has relaxed its regulations on exporting cryptographic software. Some cryptographic support has been added to the Linux kernel by the FreeS/WAN project. However, other countries, such as France, continue to impose controls on the use and distribution of strong crypto. I'd be nice to get at least one message across on this point: