Digital Certificates. What is a Digital Certificate? A digital certificate is the equivalent of your business card in the e-commerce world. It says who.


1 Digital Certificates

2 What is a Digital Certificate? A digital certificate is the equivalent of your business card in the e-commerce world. It says who you are. Digital certificates are based on Private Key/Public Key technology.

3 What is Private Key/Public Key Technology? Ciphers are used to encrypt data. Two of the more common types are:
• Symmetrical Ciphers – They have one key which is used to encrypt and decrypt data. Some common symmetrical ciphers are: DES, IDEA.
• Asymmetrical Ciphers – These ciphers have two keys, one used for encryption and one for decryption. The most common type of these is Public Key and Private Key encryption.
Public and Private Keys can be used to authenticate both the source and recipient of a message.

4 How does Public/Private Key Encryption work? In the following example Bill and Monica are close friends. They have exchanged Public Keys with each other so that they can conduct private correspondence.

5 The Key to the Bill and Monica Story! Bill wants to go out on a hot date with Monica so he sends her an email asking her out. Bill wants Monica to know the message is from him so he digitally signs it using his Private Key. Monica gets the message and sees it is digitally signed by Bill. She knows that she can validate his signature by using his Public Key. She does this and now knows that it is from Bill. But Bill is an amorous man and this message might not have been for her. He could be bulk Billing. What’s a girl to do?

6 The Key Goes On! Monica decides to respond to Bill, but she only wants him to be able to read her message. She encrypts her message using Bill’s Public Key. Bill gets Monica’s email and uses his Private Key to decrypt the message. He has been made a very tempting offer, but he only knows that the message is for him. He is not certain it is from Monica.

7 Key Decisions! Bill is very excited about Monica's offer and wants to ensure that Monica knows that the response is from him and is only for her. Bill writes his response and signs this using his private key. This way Monica will know it is from him. Bill then encrypts the message using Monica’s public key. The message can now only be decrypted by Monica's Private Key. As Monica is the only one with her Private Key this means that she knows the message is specifically for her. When she opens her email she will know that the message was for her and that it came from Bill. Let the good times roll!
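The slide 5 to 7 exchange in code, as an added example that is not part of the original presentation. It uses textbook RSA with no padding and small fixed primes purely to make the two operations visible; the key values, message and function names are constructed for illustration.

```python
# Toy textbook RSA (no padding, tiny fixed primes): shows the flow, not a usable scheme.
import hashlib

def make_keypair(p, q, e=65537):
    """Return (public, private) as ((n, e), (n, d)) built from two primes."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))

def digest(message, n):
    """SHA-256 of the message, reduced so it fits the toy modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message, private):
    n, d = private                      # only the key owner can do this
    return pow(digest(message, n), d, n)

def verify(message, signature, public):
    n, e = public                       # anyone holding the public key can check
    return pow(signature, e, n) == digest(message, n)

def encrypt(message, public):
    n, e = public
    m = int.from_bytes(message, "big")
    if m >= n:
        raise ValueError("message too long for this toy modulus")
    return pow(m, e, n)

def decrypt(ciphertext, private):
    n, d = private
    m = pow(ciphertext, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

# Constructed keys: Mersenne primes, chosen only because they are short to write.
BILL_PUB, BILL_PRIV = make_keypair(2**61 - 1, 2**89 - 1)
MONICA_PUB, MONICA_PRIV = make_keypair(2**107 - 1, 2**127 - 1)

def slide7_exchange(text=b"Dinner at 8?"):
    """Bill signs with his private key and encrypts to Monica's public key."""
    signature = sign(text, BILL_PRIV)
    ciphertext = encrypt(text, MONICA_PUB)
    plaintext = decrypt(ciphertext, MONICA_PRIV)   # needs Monica's private key
    return plaintext, verify(plaintext, signature, BILL_PUB)

if __name__ == "__main__":
    print(slide7_exchange())
```

A signature made with any key other than Bill's private key, or checked against an altered message, fails `verify`, which is the assurance slide 6 lacks when Monica only encrypts.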

8 Where else can you use Digital Certificates? Many organisations use SSL Digital Certificates.
• These are used to facilitate encryption of links for Web/Email applications.

9 Why use an SSL Certificate? Prior to the use of SSL Certificates, sensitive information transferred using Web/Email based applications was often passed between the computer and the server in clear text. This meant that user IDs, passwords and information could all be viewed if someone made use of a sniffing tool such as Packet Sniffer. SSL certificates can provide organisations with:
• Secure e-mail
• Secure Electronic Commerce
• Secure Software Publishing
• Client Authentication
• Smart Card logon capabilities.

10 How Does SSL Encryption Work? Secure Socket Layer (SSL) comes in 40 and 128 bit encryption. These bit numbers designate the level of encryption used. For example, the 40 bit encryption key has 2 to the 40th power (or 1,099,511,627,776) different possible key combinations. The only real way to crack an SSL document is by using brute force attacks, trying every possible key combination until you hit the correct one. This is extremely time consuming. One of the first crack examples of this type used 120 computers running parallel processes and took 8 days to search half the key space.

11 How Do You Get an SSL Certificate? SSL certificates are generated by a Certification Authority (CA). A CA provides the following services. They:
• Issue Certificates for:
    • Server Authentication;
    • Client Authentication; and
    • Secure Email.
• Integrate with Active Directory (AD) to:
    • Publish Certificates and CRLs; and
    • Provide CA Information.
• Can provide Certificate Enrollment using mechanisms such as:
    • ActiveX control or Win32 wizard.

12 What Types of CAs Exist? Types of CAs are:
• Enterprise: Domain authentication of requests. Templates define certificate content.
• Stand Alone: Out-of-band authentication of requests.
• Exchange: KMS-specific policy modules. KMS provides key archival/recovery for email.

13 How does an Organisation get their Certificates? Digital certificates can be:
• Self-signed – meaning that the organisation is the CA.
OR
• Commercially signed – which means that the certificates are generated using a recognised commercial CA. VeriSign is one company that generates commercially signed certificates.

14 Commercial-Signed Certificates They offer a good degree of assurance to relying parties. Less management overhead. Commercial-signed certificates are not easy to forge. However they ARE a costly solution.

15 Self-Signed Certificates Don’t offer a good degree of assurance to relying parties. Require a significant amount of management. They are easy to forge. They are cost effective.

16 Commercial or Internal certificates? There are reasonable grounds for an organisation to generate their own certificates for internal systems. HOWEVER, there is still a need to use Commercially Signed Certificates when conducting business with external agencies. Some examples would be:
• Secure e-mail
• Electronic Commerce

