
Public Key Certificates

Digital Certificate

  • Certificates create a trust model that lets the end user know

    • where has this certificate come from?
    • is it genuine?
  • An electronic document which contains

    • Who issued the certificate
    • Who the certificate is issued to
    • Expiry date
    • Public Key -- to communicate with the agency for whom the certificate is issued
    • Digital Signature -- to prove that the certificate came from a trusted source and has not been tampered with
    • Algorithms, Key Sizes etc.

Digital Signature

Hash Value: the value computed from the certificate data by a hash function

hash_function(certificate_data) :: hash_value
Encrypt_Algo(hash_value, private_key) :: digital_signature
Decrypt_Algo(digital_signature, public_key) :: hash_value

QUES: The certificate carries the digital signature, which is the hash_value encrypted with the private key. The digital signature is decrypted using the public key to get the hash. Given the hash and the digital signature, how hard is it to get the private key?

Certificate Trust Model

A third-party Certificate Authority (CA) issues certificates to the holder. The holder can then give out these certificates to establish itself as a trusted agency.

The Certificate Authority does a lot of background checks before issuing the certificate.

The certificate of the CA is locally installed with the user. Thus, the user can trust that the obtained certificate is signed by a trusted CA.
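
The signing steps from the Digital Signature section and the trust model above, combined into one added Python example (not part of the original notes). It uses a toy RSA key built from two small known primes and reduces the hash modulo n instead of padding it, so it shows the flow only; the CA name, the subject and the field names are constructed.

```python
import hashlib
import json
from datetime import date

# Toy CA key built from two Mersenne primes: constructed for illustration,
# far too small for real use. Real signature schemes also pad the hash first.
P, Q, E = 2**31 - 1, 2**61 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # CA private exponent (Python 3.8+)

# The user's locally installed CA certificates, reduced to name -> public key.
TRUST_STORE = {"Example Root CA": (E, N)}


def hash_value(fields, n):
    """hash_function(certificate_data) :: hash_value"""
    data = json.dumps(fields, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def issue_certificate(fields, private_key):
    """CA side: Encrypt_Algo(hash_value, private_key) :: digital_signature"""
    d, n = private_key
    return {"fields": fields, "signature": pow(hash_value(fields, n), d, n)}


def verify_certificate(cert, trust_store, today):
    """User side: check issuer, signature and expiry. Returns (ok, reason)."""
    fields = cert["fields"]
    ca_key = trust_store.get(fields["issuer"])
    if ca_key is None:
        return False, "issuer not in local trust store"
    e, n = ca_key
    # Decrypt_Algo(digital_signature, public_key) :: hash_value
    if pow(cert["signature"], e, n) != hash_value(fields, n):
        return False, "signature does not match certificate data"
    if date.fromisoformat(fields["expiry"]) < today:
        return False, "certificate expired"
    return True, "ok"


# Constructed sample certificate for a hypothetical holder.
FIELDS = {"issuer": "Example Root CA", "subject": "shop.example",
          "expiry": "2030-01-01", "public_key": "holder-key-placeholder",
          "algorithm": "toy RSA with SHA-256"}
CERT = issue_certificate(FIELDS, (D, N))
# Same signature, one field changed after issuing.
TAMPERED = {"fields": dict(FIELDS, subject="other.example"),
            "signature": CERT["signature"]}
```

Changing any field after issuing changes the recomputed hash, so the signature made by the CA no longer matches and verification fails.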
