Cryptography provides a set of techniques for encrypting data and messages so that they can be stored and transmitted securely. Cryptography can achieve secure communications even when the transmission medium—such as the Internet—is not trustworthy. Cryptography can also encrypt sensitive files so an intruder cannot understand them.
- When a message is encrypted, an encryption key used.
- To decrypt the message, the corresponding decryption key must be used.
- It is imperative to properly restrict access to the decryption key because anyone who possesses it will be able to decrypt all messages encrypted with the matching encryption key.
Public-key algorithms use two different keys, a public key, and a private key. The private key is kept private to the owner of the key pair. The public key distributed to anyone who requests it, often through a digital certificate. If one key is used to encrypt a message, then the other key is required to decrypt the message.
Digital Signatures and Digital Envelopes
Digital signatures and digital envelopes are produced using two different, but related processes. The process for creating a digital signature involves using the sender’s private key, whereas the process for creating a digital envelope uses the intended recipient’s public key.
Digital signatures are used to confirm authorship, not to encrypt a message. The sender uses his or her private key to generate a digital signature string bundled with the message. Upon receipt of the message, the recipient uses the sender’s public key to validate the signature. Because only the signer’s public key can be used to validate the signature, the digital signature is proof that the message sender’s identity is authentic.
Digital envelopes are used to send private messages that can only be understood by a specific recipient. To create a digital envelope, the sender encrypts the message using the recipient’s public key. The message can only be decrypted using the recipient’s private key, so only the recipient will be able to understand the message.
Authenticity of Public Keys
- The use of digital signatures and envelopes assumes that the identity of the owner of the public key used to encrypt or decrypt a message is established beyond doubt.
- To guarantee the authenticity of public keys, Microsoft Certificate Server provides digital certificates as a secure method of exchanging public keys over a nonsecure network.
A digital certificate is a set of data that completely identifies an entity, and is issued by a Certificate Authority (CA) only after that authority has verified the entity’s identity. The data set includes the public cryptographic key tendered to the entity.
When the sender of a message signs the message with its private key. The recipient of the message can use the sender’s public key (retrieved from the certificate either sent with the message or available elsewhere in the directory service) to verify that the sender is legitimate.
Certificate Revocation Lists
Certificates, like most real-world forms of identification, can expire and no longer be valid. The CA can also revoke them for other reasons. To handle the existence of invalid certificates, the CA maintains a Certificate Revocation List (CRL). The CRL is available to network users to determine a validity of any given certificate.
|Companies||Price||Server Location||Price||Visit Now|
Cloud SSD Hosting
|$1.43 /mo.||WILMINGTON, DE, US||Price @ $1.43 /mo.||Visit Now|
|$2.99 /mo.||LASALLE, CA||Price @ $2.99 /mo.||Visit Now|
|$2.75/mo.||Burlington, MA, US||Price : $2.75/mo.||Visit Now|
Lifetime Free Domain
|$3.95/mo.||Panama, PA||Start @ $3.95/mo.||Visit Now|
|$1.99/mo.||Arlington Heights, IL, US||Start @ $1.99/mo.||Visit Now|
|$4.95/mo||AUBURN, MA, US||Start @ $4.95/mo||Visit Now|
|$3.25/mo.||Burlington, MA, US||Start @ $3.25/mo.||Visit Now|
|$3.95/mo||Columbus, OH, US||Start @ $3.95/mo||Visit Now|
|$4.95/mo||NASHUA, NH, US||Start @ $4.95/mo||Visit Now|
Managed WordPress Hosting
|$89.00/mo.||Lansing, MI, US||Price : $19.00/mo.||Visit Now|