Encryption in Digital Signatures
Digital Certificates Work
In physical transactions, the challenges of authentication, identification and privacy are solved with physical symbols, such as signatures or seals. In electronic transactions, the equivalent of a seal must be coded into the information itself. By checking that the electronic "seal" is present and has not been broken, the receiver can verify the identity of the message sender and make sure that the message content was not changed in transit. To create an electronic equivalent of physical security, a number of vendors use sophisticated cryptography.
Throughout history, most private messages were kept secret with single key cryptography; it is the method by which most secret messages have been sent over the centuries. In single key cryptography, there is a single code (or key) for both encrypting and decrypting messages. Single key cryptography works as follows:
Assume John has one secret key. If Alisa wishes to send John a secret message:
1. John sends Alisa a copy of his secret key.
2. Alisa encrypts a message with John's secret key.
3. John decrypts the message with his secret key.
Unfortunately, this technique has several problems. First, John must find a secure method of getting his secret key to Alisa. If the secret key is intercepted, all of John's communications are compromised. Second, John needs to trust Alisa. If Alisa is a double agent, she may give John's secret key to his enemies. Or, she may read John's other private messages or even impersonate John. Lastly, if you have an organization with people who need to exchange secret messages, you will either need to have thousands (if not millions) of secret keys, or you will need to rely on a smaller number of keys, which opens the door to compromise.
SSL certificate technology employs the more sophisticated public key cryptography, which does not involve the sharing of secret keys. Rather than using the same key to both encrypt and decrypt data, an SSL certificate uses a matching pair of keys that uniquely complement each other. When a message is encrypted by one key, only the other key can decrypt it.
When a key pair is generated for your business, your "private key" is installed on your server; no one else has access to it. Your matching "public key," in contrast, is freely distributed as part of your SSL certificate. You can share it with anyone, and even publish it in directories. Customers or correspondents who want to communicate with you privately can use the public key in your SSL certificate to encrypt information before sending it to you. Only you can decrypt the information, because only you have your private key.
Your SSL certificate contains your name and your public key, identifying information, and the CA's own digital signature as certification. It tells customers and correspondents that your public key belongs to you.