Basics of Cryptography
Cryptography &
Digital Certificates
i. Confidentiality
ii. Authentication
iii. Integrity
iv. Non-repudiation
v. Interoperability / Universality
ii. Integrity
You want to make sure no one has intercepted information and
changed it in any way. So tampering of the information by
anybody should be difficult and evident.
v. Interoperability
Finally, whatever solution you have needs to be interoperable
and universal, because the benefit of this model is that
everyone can work together and share information across the
network transparently. The adoption of standards by Internet
vendors has provided this interoperability.
                   PKI    Passwords
Authentication     Yes    Yes
Confidentiality    Yes    No
Integrity          Yes    No
Non-repudiation    Yes    No
Single key cryptography is where you use the SAME “key” (think of
this as a mathematical formula) to both encrypt and decrypt data. This
is the kind of cryptography used in WW-II, where code was “cracked”
by the enemy so confidential information about troop movements
could be gathered.
With single-key cryptography you have the problems of how to share
the secret key -- how does Bob get the secret key to Alice safely, and
of managing a large number of secret keys.
If too many people share the same secret key, then if even one of
them is bad, a mole, all messages are compromised. Or, if Alice, Bob
and Charlie all share the same secret key, Bob could claim that Charlie
really sent the message. So to avoid this, say all of us want to
communicate confidentially and there are about 20 of us in this room,
we would have to manage 20 factorial keys -- this is a very very large
number.
Advantages:
• Bob can distribute public key freely
• If Alice is a double agent, she can’t do any harm with Bob’s public
key
• Bob only needs one key pair, no matter how many people he
speaks to
• Bob can digitally “sign” messages, by encrypting with his private
key
Problem:
• How does Alice really know that she is using Bob’s public key
This is where a Certificate Authority or CA comes into the picture.
VeriSign and SafeScrypt as its Principal affiliate for India are CAs. Just
as we trust a passport office to issue your passport, or VISA to issue
credit cards after doing the appropriate level of identity checking, a
certificate authority is a trusted third party that issues digital
certificates and guarantees that the public key really belongs to a
specific person or entity. That’s what VeriSign / SafeScrypt does.
A Certificate Authority is a trusted third party similar to a Passport Office,
CPA
Certificate Authorities issue digital certificates.
A digital certificate is “signed” with the Certificate Authority’s private
key, to ensure authenticity, and everyone has the CA’s public key.
And it is important of course that you trust the CA who issued the
certificate, just as we trust VISA or the passport office. The
advantage of having a certificate that chains up to VeriSign is that all
the latest browsers will automatically recognize and trust VeriSign or
VeriSign Trust Network certificates.
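The certificate check described above, as an added example that is not part of the original slides: a CA signs the pair (name, public key), and Alice verifies that signature with only the CA's public key. It uses toy textbook RSA over fixed Mersenne primes; the function names, the certificate layout and the impostor "Mallory" are assumptions made for illustration.

```python
import hashlib

# Toy textbook RSA: fixed Mersenne primes, no padding. Constructed for this
# illustration only; real certificates use vetted libraries and padded signatures.
def make_keypair(p, q, e=65537):
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))        # (public key, private key)

def digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(private_key, data):
    n, d = private_key
    return pow(digest(data, n), d, n)          # hash transformed with the private key

def verify(public_key, data, signature):
    n, e = public_key
    return pow(signature, e, n) == digest(data, n)

def cert_body(subject, public_key):
    return f"{subject}|{public_key[0]}|{public_key[1]}".encode()

def issue_certificate(ca_private, subject, subject_public):
    # The CA binds a name to a public key by signing both together.
    sig = sign(ca_private, cert_body(subject, subject_public))
    return {"subject": subject, "public_key": subject_public, "signature": sig}

def check_certificate(ca_public, cert, expected_subject):
    # Alice needs only the CA's public key to check the binding.
    body = cert_body(cert["subject"], cert["public_key"])
    return cert["subject"] == expected_subject and verify(ca_public, body, cert["signature"])

# Constructed keys: the CA, Bob, and a hypothetical impostor, Mallory.
CA_PUB, CA_PRIV = make_keypair(2**61 - 1, 2**89 - 1)
BOB_PUB, BOB_PRIV = make_keypair(2**107 - 1, 2**127 - 1)
MAL_PUB, MAL_PRIV = make_keypair(2**521 - 1, 2**607 - 1)

BOB_CERT = issue_certificate(CA_PRIV, "Bob", BOB_PUB)
# A certificate with a swapped key no longer matches the CA's signature.
FORGED_CERT = dict(BOB_CERT, public_key=MAL_PUB)
# A certificate signed by anyone other than the CA fails the same check.
SELF_SIGNED = issue_certificate(MAL_PRIV, "Bob", MAL_PUB)

if __name__ == "__main__":
    msg = b"Ship 100 units to Pune"  # constructed sample message
    print("genuine cert accepted:", check_certificate(CA_PUB, BOB_CERT, "Bob"))
    print("swapped-key cert accepted:", check_certificate(CA_PUB, FORGED_CERT, "Bob"))
    print("impostor-signed cert accepted:", check_certificate(CA_PUB, SELF_SIGNED, "Bob"))
    print("Bob's signature verifies:", verify(BOB_CERT["public_key"], msg, sign(BOB_PRIV, msg)))
```

Only the certificate carrying the CA's signature over Bob's real key is accepted, which is why Alice can trust the public key she extracts from it.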
In this way, using Digital Certificates, all the challenges of Security for
e-commerce can be met.
For Further Information ...
SafeScrypt Ltd.
667-668 Keshava Towers,
11th Main,
Jayanagar 4th Block,
Phone No: +91-80-6555104
Fax: +91-80-6555300
E-mail: safeexim@safescrypt.com