What is a digital certificate?

Подписаться 23 тыс.

Просмотров 23 тыс.

50% 1

One use of trapdoor functions is to encrypt a message so that it can be safely transmitted across an insecure channel. Another use is to allow a sender to sign a message so that the recipient can verify that the sender originated the message and that the message was not altered during transmission. Along with encryption, digital signatures form the basis for secure and trusted communication online.
Credits: Talking: Geoffrey Challen (Assistant Professor, Computer Science and Engineering, University at Buffalo). Producing: Greg Bunyea (Undergraduate, Computer Science and Engineering, University at Buffalo).
Part of the www.internet-class.org online internet course. A blue Systems Research Group (blue.cse.buffalo.edu) production.

Опубликовано:

16 окт 2016

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 16

@heavenspleasure 5 лет назад

This is digital signature ? I understood digital certificates are different, where a CA is involved.

@Beansahol 6 лет назад

Very good explanation, thanks.

@kaminski002 5 лет назад

It thought it went like this: 1) Alice applies hashing algorithm to the message to get unique and irreversible representation of the message 2) Alice applies Asym Encryption Algorithm, where the parameters are the Hash value and her private key to get an encrypted hash. 3 Alice sends Bob the message (plain text) and the encrypted hash. 4) Bob gets both items 5) Bob firstly applies an asymmetric decryption algorithm (using Alice's public key) to the encrypted hash to get the unencrypted hash value (H1). 6) Bob then applies the same hashing algorithm to the plain text data as Alice did to get (H2). Result: If H1 = H2 then Bob can be assured of 2 things: 1) The message is definitely from Alice 2) The message was not altered during transmission. Private key encryption verifies Data Integrity and Authentication. It does not ensure Confidentiality, that is achieved with Public key encryption.

@mikeortiz1417 11 месяцев назад

Does that still apply 4 years later??

@AnkitNilesh 6 лет назад

nicely explained , thanks

@Opinion129 3 года назад

What kind of gel does Bob put on his hair? Thanks for the video.

@andrempunkt 7 лет назад

But if Alice encrypt the message with her private key to create a certificate, an attaker with her public key could decrypt the certificate an read the message. That is not cool. I would use a hash of the message and then create the certificate from the hash.

@MrDavidKord 6 лет назад

No, the certificate is not the message. The public key would merely verify that the certificate came from the right person.

@Oliver-oy4gu 6 лет назад

could the encrypted message still be decrypted from the middle source tho even though the certificate will verify it has been altered?

@TelTrak 5 лет назад

Hi Andre, I think the digital certificate is encrypted along with the message so only Bob will be able to access this particular digital certificate after decryption. I am also not totally clear between digital signature and digital certificate (with CA). I guess this case involves a self signed certificate rather than using a CA. The digital certificate contains the public key for Bob to reply and authenticates the message came from Alice. A digital signature would only authenticate the message came from Ann but contain no public key for Bob to reply with.

@mhn147 4 года назад

thank you

@deb62615 2 года назад

Allright. So Alice uses public key of bob to encrypt the message. Alise als aso signs with her own private key. Bob wants to use the public key of Alice to de crypt the value, and also uses the public key to dycrypt the signature.. but in both cases, Bob still has to use the public key of Alice. So the man in the middle could still give his own public key and sign with his own private key, intercepting the communication?? I dont get it.. So by saying "Bob can only validate the signature with the public key of Alice".. but that is the whole problem, how does Bob know what public key to use?