Kittiphan Techakittiroj (19 . . 2566เม ย )

Digital Certification

Kittiphan Techakittirojengktc@au.ac.th

Kittiphan Techakittiroj (19 . . 2566เม ย )

Digital Signature & Certification

• Identification

– something the person knows, e.g. password

– something the person has, e.g. ID card

– something the person is, e.g. fingerprint

Kittiphan Techakittiroj (19 . . 2566เม ย )

Digital Signature & Certification

• To verify who is who.

• Put identification in the electronics form

• make it difficult to create one without

permission

http://www.verisign.com/

Kittiphan Techakittiroj (19 . . 2566เม ย )

Digital Signature

• public key algorithm

• use private key to encrypt your information: usually short information

• make public key (for decryption) available for

everyone

– can be sent with the message

• people who get message know it from “you”

Digital Signature & Certification

Kittiphan Techakittiroj (19 . . 2566เม ย )

Benefit

• Major

– Confidentiality: encrypted e-mail

– Data Integrity: software signature

• Minor

– Authentication: guarantee the encryption source,

not the person who encrypt

– Non-repudiation: can be done after

authentication

Digital Signature & Certification: Digital Signature

Kittiphan Techakittiroj (19 . . 2566เม ย )

Digital Certification

• third party to certify your information

• using the public key method

• only authority can encrypt information

• decryption key are available: can also sent with

encrypted data

• authority need to be trusted by others

Digital Signature & Certification

Kittiphan Techakittiroj (19 . . 2566เม ย )

ExampleDigital Signature & Certification: Digital Certification

http://www.data.com/roundups/images/certificate_figure1.html

Kittiphan Techakittiroj (19 . . 2566เม ย )

Category

• Certificate Authority certificate

• Individual Certificate: for person, company

• Server Certificate: for server

• Software Publisher Certificate: to verify the

integrity of the software

Digital Signature & Certification: Digital Certification

Kittiphan Techakittiroj (19 . . 2566เม ย )

Standard: X.509Digital Signature & Certification: Digital Certification

http://www.data.com/roundups/images/certificate_figure1.html

• owner’s public key

• owner’s name

• attributes associated with owner: e.g. e-mail

• name of encryption algorithm

• issuer or signer

• expiration date

Kittiphan Techakittiroj (19 . . 2566เม ย )

Reference Books

Developing Secure Commerce Applications by Onli

ne O’Reilly Web Development Courses (http://20

8.233.153.3/oreilly/security/westnet: 1999)

Client/Server Survival Guide by Robert Orfali, Dan

Harkey, Jeri Edwards (John Wiley & Sons: 1999)