Manualshelf

Operation Manual

ManualsBrandseM Client ManualsSoftwareE-Mail management
421422423424425426427428429430
Security Certificates
"Three may keep a secret, if two of them are dead."
famously said Benjamin Franklin. We may smile at Mr. Franklin's penchant for the theatrical, and
admire at the gothic fantasies inspired by the notion of secrets, but in the modern digital world, the
business of keeping secrets is a much less Shakespearian one.
The exact science behind modern cryptography is beyond the scope of this tutorial, suffice to know,
that sometime between the death of Jimi Hendrix and the rise of Margaret Thatcher, computer
scientists mixed a few prime numbers with a dash of mathematical magic, and out came
Asymmetric key algorithms.
And the Public-Key Cryptography is a methodology that uses asymmetric key algorithms to protect
communications or authenticate messages. The concept of asymmetric keys has done away with the
requirement of a secure initial exchange of one or more secret keys as is required when using
symmetric key algorithms.
Lying at the heart of the Public-Key Cryptography is two sets of numbers, the public key and the
private key. Both the public and the private keys are needed for encryption /decryption but only the
owner of a private key ever needs to know it. Using this system, the private key never needs to be
sent across the Internet.
The private key is used to decrypt text that has been encrypted with the public key. Thus, if I send
you a message, I can find out your public key (but not your private key) from a central
administrator and encrypt a message to you using your public key. When you receive it, you
decrypt it with your private key. In addition to encrypting messages (which ensures privacy), you
can authenticate yourself to me (so I know that it is really you who sent the message) by using
your private key to encrypt a digital certificate. When I receive it, I can use your public key to
decrypt it.
Certificates
In practice, secure messages being passed between computers rely on Certificates. Electronic
documents which contain digital signatures to bind together digital keys with an identity
information such as the name of a person or an organization, their address, and so forth.