cryptography
cryptography
CRYPTOGRAPHY
WHAT IS CRYPTOGRAPHY?
Practice and study of techniques for secure communication in the
presence of third parties called adversaries
Modern cryptography includes
data confidentiality
data integrity
authentication
etc.
Alice receives the public key of Bob and starts sending messages to Bob
Messages are encrypted by Bob’s public key
Any concerns?
How can Alice make sure that the received key is indeed the public key of Bob?
CERTIFICATE AUTHORITY
A certificate authority or certification authority (CA) is an entity that
issues digital certificates
A digital certificate certifies the ownership of a public key by the
named subject of the certificate
A CA acts as a trusted third party—trusted both by the subject
(owner) of the certificate and by the party relying upon the
certificate
Format of these certificates is specified by the X.509 standard
Top 5 CAs as of May 2018
IdenTrust, Comodo, DigiCert, GoDaddy, GlobalSign
PROCEDURE OF OBTAINING
A PUBLIC KEY CERTIFICATE
HOW TO OBTAIN THE PUBLIC
KEYS OF CAS
Public keys are embedded in root certificates
Root certificates are contained in the release of operating systems
(and their updates) and the trustable web browsers (and their
updates)