How Do Security Certificates Work?

Certificate security provides a mechanism for achieving encrypted communications over unsecured networks and is built upon the Public Key Infrastructure (PKI). Certificates use asymmetrical cryptography whereby different keys are used for the encryption and decryption process.

Under public key encryption, two keys are required: a public key and a private key. A client contacts a Certificate Authority (CA) to obtain both of these keys. The public key is then provided to anyone who needs to send encrypted data to the client. The sender uses this public key to encrypt the data and sends it to the original client. On receipt, the client decrypts the message using the private key (which is the only key that can be used to decrypt the message, since this is asymmetrical encryption).

So far we have looked at certificates in terms of encrypting data between parties, where the public key is used to encrypt a message to a client and the client’s private key is used to decrypt the message. When certificates are used as a means of authentication, this process is reversed. In such a situation, the client encrypts its signature using its private key and sends it to the receiving system. If the sending client is who it claims to be, the receiving system should be able to decrypt the signature using the client’s public key. If the decryption using the public key fails, the sender is not who they claim to be and the authentication has failed.
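The two directions described above, shown as an added example that is not part of the original post: textbook RSA in Python with toy key sizes and no padding, so it illustrates the roles of the two keys and is not a usable implementation. All function names, key values and messages are constructed for the illustration.

```python
import hashlib

E = 65537  # common public exponent

def make_keypair(p, q):
    """Textbook RSA key pair from two primes: returns (public, private)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))  # d is the inverse of e mod phi

def encrypt(public_key, m):
    n, e = public_key
    return pow(m, e, n)

def decrypt(private_key, c):
    n, d = private_key
    return pow(c, d, n)

def digest(message, n):
    # Hash the message and reduce it into the key's range
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(private_key, message):
    # "Encrypt the signature with the private key"
    n, d = private_key
    return pow(digest(message, n), d, n)

def verify(public_key, message, signature):
    # "Decrypt with the public key" and compare with the expected digest
    n, e = public_key
    return pow(signature, e, n) == digest(message, n)

# Constructed keys built from known Mersenne primes (toy sizes)
CLIENT_PUB, CLIENT_PRIV = make_keypair(2**89 - 1, 2**107 - 1)
IMPOSTOR_PUB, IMPOSTOR_PRIV = make_keypair(2**61 - 1, 2**127 - 1)

if __name__ == "__main__":
    # Encryption: anyone uses the public key, only the private key reverses it
    secret = int.from_bytes(b"hello client", "big")
    print("round trip ok:", decrypt(CLIENT_PRIV, encrypt(CLIENT_PUB, secret)) == secret)

    # Authentication: the client signs, the receiver checks with the public key
    msg = b"login request from client"
    print("genuine client:", verify(CLIENT_PUB, msg, sign(CLIENT_PRIV, msg)))
    print("impostor:", verify(CLIENT_PUB, msg, sign(IMPOSTOR_PRIV, msg)))
```
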
