Cryptography

  • Digital Certificate
    Consists of 2 parts: the plaintext, and the same plaintext hashed and digitally signed
  • Ways to attack Digital Certificates
    • Convince Digital Certificate Issuer that attacker's public key is the subject's public key
    • Substitute subject's public key with attacker's public key
    • Unauthorized use of issuer's private key
    • Substitute certificate user's public key
  • Digital Certificate issuer is trusted by the user of the certificate
    It is dangerous if the Digital Certificate issuer is fraudulent
  • Attacker gets issuer's private key
    Unauthorized use of issuer's private key
  • Certificate user's private key is intercepted and substituted
    Attacker can substitute user's public key
  • If a Black Hat can access the certificate user's computer, they can substitute the user's public key with someone else's public key
  • 2 ways to verify a certificate
    • Consumer or user of the certificate must have a trusted issuer's public key
    • Consumer can then chain from his trusted public key to a trusted copy of the issuer's public key
  • Validity of issuer's public key
    • It must be confirmed by a trusted Certificate Authority
  • Example of issuing a certificate
    1. Owner's name
    2. Issuer: CA's name
    3. Private Key of CA
    4. Hash Function (MD5/SHA-1)
    5. RSA Encryption
    6. Owner's public key
    7. Validity: lifetime of cert
    8. Signature algorithm
    9. Signature (signed by the CA)
  • Example of issuing a certificate
    • Dawn is the Owner, Alice is the CA
  • Example of verifying a certificate
    1. Owner's name
    2. Issuer: CA's name
    3. Validity: lifetime of cert
    4. Hash Function (MD5/SHA-1)
    5. Owner's public key
    6. Public key of CA
    7. Signature algorithm
    8. Signature (signed by the CA)
    9. Decryption
  • Owner's public key
    Equal to the public key in the certificate