Digital certificate & signature

1,303 views

Published on

Published in: Technology, Business
0 Comments
4 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,303
On SlideShare
0
From Embeds
0
Number of Embeds
6
Actions
Shares
0
Downloads
71
Comments
0
Likes
4
Embeds 0
No embeds

No notes for slide

Digital certificate & signature

  1. 1. Compiled by: NETRI TKTCert :A Web-Based Authenticated & certified service August 8, 2009
  2. 2. INTRODUCTION: <ul><li>Digital Signature: </li></ul><ul><ul><li>Type of Asymmetric Cryptography. </li></ul></ul><ul><ul><li>Simulates the security of a handwritten signature on paper. </li></ul></ul><ul><li>Digital certificate: </li></ul><ul><ul><li> Body of data placed in message. </li></ul></ul><ul><ul><li>Serves as proof of the sender’s authenticity. </li></ul></ul><ul><ul><li>Establishes your credentials when doing business or other transactions on the web. </li></ul></ul>August 8, 2009
  3. 3. <ul><li>CA (Certificate Authority): </li></ul><ul><li>Trusted third party or Web of trust . </li></ul><ul><li>Provides meaningful authentication. </li></ul><ul><li>Provides that transmitting and receiving document not modified or viewed by third party. </li></ul><ul><li>Prevents ‘ man-in-the-middle’ attack on your web browser. </li></ul>August 8, 2009
  4. 4. August 8, 2009
  5. 5. <ul><li>ROOT CERTIFICATE: </li></ul><ul><li>Unsigned public key certificate or a self-signed certificate that identifies </li></ul><ul><li>the Root CA. </li></ul><ul><li>Top-most certificate of the tree & used to &quot;sign&quot; other certificates. </li></ul><ul><li>All certificates below the root certificate inherit the trustworthiness of </li></ul><ul><li>the root certificate </li></ul><ul><li>CLIENT & SERVER SITE CERTIFICATES : </li></ul><ul><li>Digital credential that identifies the server or client application that uses the certificate for secure communications. </li></ul>August 8, 2009
  6. 6. <ul><ul><li>Contain identifying information about the organization that owns the application. </li></ul></ul><ul><ul><li>server must have a digital certificate to use the Secure Sockets Layer (SSL). </li></ul></ul><ul><li>Allows clients to use certificates to authenticate to resources instead of user names and passwords. </li></ul><ul><li>OBJECT-SIGNING CERTIFICATE: </li></ul><ul><li>Used to digitally &quot;sign&quot; an object. </li></ul><ul><li>By signing the object, you provide a means by which you verify both the object's integrity and the origination or ownership of the object. </li></ul>August 8, 2009
  7. 7. : X.509 CERTIFICATE FORMAT August 8, 2009 Signature algo. identifier Period of validity Subject’s pub Key inf Signat-ure version certificate serial num Algorithm parameters Issuer name Not before Not after Subject name Algorithm issuer unique identifier subject unique identifier extension algorithm Parameter Encrypted parameters keys
  8. 8. <ul><li>SYSTEM ARCHITECTURE: </li></ul>August 8, 2009 System Architecture
  9. 9. <ul><li> WELCOME TO TKT CERT </li></ul><ul><li>HOME LOGIN POLICY RENEW GUIDELINES MYCERTIFICATE </li></ul><ul><li>DESCRIPTION OF TKT CERT </li></ul>
  10. 10. <ul><li>Information exchange with this site can,t be viewed or changed by third party.. </li></ul><ul><li>Do you want to continue?? </li></ul>YES NO VIEW CERTIFICATE
  11. 11. <ul><li>HOME LOGIN POLICY RENEW GUIDELINE MYCERTIFICATE </li></ul><ul><li> LOGIN </li></ul><ul><li>User Name: </li></ul><ul><li>Passphrase : </li></ul><ul><li>[ sign up for new account ?] [ lost your password?] </li></ul>LOGIN
  12. 12. <ul><li>HOME LOGIN POLICY RENEW GUIDELINE MYCERTIFICATE </li></ul><ul><li>Welcome to your Account of TKT cert.com </li></ul><ul><li>ABOUT ME </li></ul><ul><li> MY DETAILS </li></ul><ul><li>TYPES OF CERTIFICATES </li></ul><ul><li>PURPOSE </li></ul><ul><li>GUIDELINES </li></ul>
  13. 13. <ul><li>LOST PASSPHRASE </li></ul><ul><li>Email Address: </li></ul><ul><li>Date of birth: </li></ul>Next
  14. 14. LOST PASSPHRASE <ul><li>Question 1 st : </li></ul><ul><li>Question 3 rd : </li></ul><ul><li>Question 5 th : </li></ul><ul><li>New Passphrase : </li></ul><ul><li>Repeated : </li></ul>NEXT
  15. 15. <ul><li>HOME LOGIN POLICY RENEW GUIDELINES MYCERTIFICATE </li></ul><ul><li>TKT CERT certificate will be shown: </li></ul>
  16. 16. REGISTRATION FORM August 8, 2009
  17. 17. <ul><li>HOME LOGIN POLICY RENEW GUIDELINES MYCERTIFICATE </li></ul><ul><li>Your password has been updated and your loginId has been notified of the change !! </li></ul>
  18. 18. <ul><li>Edit your Profile </li></ul><ul><li>Change your Passphrase </li></ul>
  19. 19. <ul><li>My profile details is shown </li></ul>
  20. 20. August 8, 2009
  21. 21. August 8, 2009
  22. 22. <ul><li>CERTIFICATE VERIFICATION PROCESS: </li></ul>August 8, 2009
  23. 23. August 8, 2009
  24. 24. <ul><li>ROOT-HIERARCHY: </li></ul>August 8, 2009
  25. 25. August 8, 2009
  26. 26. <ul><li>CLIENT-BROWSER CERTIFICATE VALIDATION : </li></ul>August 8, 2009
  27. 27. August 8, 2009
  28. 28. August 8, 2009
  29. 29. August 8, 2009
  30. 30. August 8, 2009
  31. 31. August 8, 2009
  32. 32. <ul><li>DIGITAL CERTIFICATE WITH SIGNATURE : </li></ul>August 8, 2009
  33. 33. August 8, 2009
  34. 34. August 8, 2009
  35. 35. August 8, 2009
  36. 36. August 8, 2009 User serial no Certificate serial no Revocation date Certificate revocation list Registration Authority Revocation repository Reg_no Customer ID Date of registration CSR Date Certificate issue date Registration form
  37. 37. CONCLUSION August 8, 2009 <ul><li>Secure Digital transactions- an important part of electronic commerce in the future. </li></ul><ul><li>Privacy of transactions, and authentication of all parties, is important for achieving the level of trust. </li></ul><ul><li>Encryption algorithms and key-sizes must be robust enough to prevent observation by hostile entities </li></ul>
  38. 38. August 8, 2009

×