- Joined
- Nov 26, 2020
- Messages
- 716
What makes the Internet today work? If your answer has something to do with the software and hardware that makes up the physical infrastructure of the Internet, then you are partly right. However, I'm talking about trust . It is impossible to do business on the Internet without trust. We need ways to allow users and website owners on the Internet to trust each other so they can continue to do business.
One would think that the Internet was designed with such a built-in trust system. However, we tend to forget that none of those who worked on the early Internet had any idea that this would be something that everyone and more and more would use. It was intended to connect universities and government agencies. Institutions that are already trusted. As the Internet began to evolve as a technology running on the Internet, the need for a reliable authentication system has become a top priority.
It is thanks to these efforts that today we have digital signatures and certificates. Understanding how they work and what they do is key to understanding internet security.
Explanation of digital signatures
A digital signature is basically the same as the signature you put on a contract or check. This is a unique indication that the document really comes from you and that the person receiving it should accept it as genuine.
Of course, signatures can be forged, and there is a whole fraudulent industry focused on forging them. When we think about digital fraud, the problem becomes much more complex. Today, billions and billions of transactions, files and other digital objects fly over the Internet. How can you ensure that each of these transactions is verified with minimal or no fraud?
This is where digital signatures come in handy.
Examples of using digital signatures
There are several specific use cases that require the use of a signature. The most obvious of these is the authentication of the sender of the message. If you receive a confidential message from your lawyer, you want to know that it comes from your lawyers and not from someone impersonating them.
Signatures also include a timestamp, which means you can also use them to determine if any changes have been made to the data after it was signed. If so, then you know you cannot trust the document.
Digital signatures today carry the same legal weight as traditional handwritten signatures. In fact, since they are much more difficult to fake or deny that they are made, they must carry more weight!
Public key cryptography
The main component of a digital signature uses what is known as public key cryptography. It uses two keys to encrypt information. In this case, the signature. Their key, which encrypts information, is known as a private key. This person keeps his private key secret and does not give a copy of it to anyone.
The great thing is that another key, the public key, can decrypt the message, but cannot be used to impersonate the signer. No other key can decrypt the message, so if the public key provided by the sender successfully unlocks the encryption, it really should be from him.
Add hash
A public / private key pair does not constitute a digital signature by itself. Another component known as hash is used to build the signature. A hash is a product of a hash function. This is a special algorithm that takes any string of data and then turns it into a fixed-length result. The hash itself does not contain any data that was processed by the function. However, only this exact string of data will result in a specific output hash. So this is a great way to make sure that the message has not been altered in any way.
In a digital signature, the signer encrypts a hash of the original content as well as a description of the hashing method. When a message is received at the other end and decrypted, the hash can be used to confirm that no changes have been made since the signature was created.
What is digital certificate history?
A digital certificate, as the name suggests, is a digital evidence that someone is who they are and who they are. It is usually issued by a central certification authority. Authority is someone who maintains trust. It verifies that the requestor for the certificate is all they say and then issues a digital certificate that can be presented to the rest of the world.
This makes it much more difficult for people to create fake websites and redirect you to them. If the fake site cannot provide your browser with the correct certificate, it will not accept it and you will receive a warning about it. It is also the perfect way to send secure encrypted emails.
Let's dive into digital certificates and see how they work.
What's in a digital certificate?
Although there are various formats for digital certificates, X.509 is probably the most commonly used and well-known standard . X.509 defines what information is contained in a certificate and is an integral part of security technologies such as HTTPS and SSL.
Here's what you should find inside the X.509 certificate:
- Unique serial number
- Shelf life
- Algorithm type
- Who issued the certificate
- Certificate owner name
- Unique identifiers of the issuer and owner
- The digital signature of the owner is encrypted with his private key
Public / private key pair and certificates
Digital certificates are a key component of public key cryptography. The certificate provides you with a public key so you can verify the signature. This also means that you can decrypt whatever was sent to you that was encrypted with the private key of the certificate owner. Thus, a digital certificate is a key exchange medium where public keys are exchanged and a secure, encrypted channel is created between two points of a transaction.
Technology you can trust
Industry standard encryption is incredibly reliable these days. Aside from the dramatic spike in computing power, it's almost impossible to break it. Digital signatures and certificates are a practical application of this encryption technology that makes the Internet secure. At least much safer than it would have been without him. Every time you order Uber or buy something on Amazon, this ultra-secure set of technologies runs in the background so you don't get fooled.
Based on materials from technadu.com