SlideShare a Scribd company logo

The world of encryption

Mohammad Yousri
Mohammad Yousri

The document provides an overview of encryption, digital signatures, and SSL certificates. It discusses how public key encryption uses a private key and public key to encrypt messages. Digital signatures authenticate the identity of the sender and ensure messages remain intact. SSL certificates allow browsers and servers to establish an encrypted connection by containing a public key and verifying identity with a Certificate Authority. The client's browser verifies the server's certificate with the CA to trust the secure connection.

Software
1 of 24
Download to read offline
THE WORLD OF ENCRYPTION
ABSTRACT THIS PRESENTATION IS JUST PROVIDING THE BASIC CONCEPTS OF THE DIGITAL CERTIFICATES, AND DIGITAL SIGNATURES WITHOUT PROVIDING ANY TECHNICAL SOLUTION OR PREFERABLE TECHNOLOGIES.
ENCRYPTION Encryption is the conversion of data into a form, called a CIPHER Text. The use of encryption/decryption is as old as the art of communication. Encryption/decryption is especially important in wireless communications. Encryption/decryption is a good idea when carrying out any kind of sensitive transaction. Ex: A credit-card purchase online, or the discussion of a company secret between different departments in the organization.
TYPES OF ENCRYPTION PRIVATE KEY ENCRYPTION means that each computer has a secret key (code) that it can use to encrypt a packet of information before it is sent over the network to the other computer. PUBLIC KEY ENCRYPTION uses a combination of a private key and a public key. The key is based on a hash value. This is a value that is computed from a base input number using a hashing algorithm.
DIGITAL SIGNATURES A DIGITAL SIGNATURE OR DIGITAL SIGNATURE SCHEME IS A MATHEMATICAL SCHEME FOR DEMONSTRATING THE AUTHENTICITY OF A DIGITAL MESSAGE OR DOCUMENT. A DIGITAL SIGNATURE CAN BE USED WITH ANY KIND OF MESSAGE, WHETHER IT IS ENCRYPTED OR NOT, SIMPLY SO THAT THE RECEIVER CAN BE SURE OF THE SENDER'S IDENTITY AND THAT THE MESSAGE ARRIVED INTACT.
CREATION OF DIGITAL SIGNATURES a digital signature scheme typically consists of three algorithms: • hashing algorithm. • signature generation algorithm • a signature verifying algorithm that, given a message, public key and a signature, either accepts or rejects the message's claim to authenticity.
METHODS OF ENCRYPTION BASED ON PRIVACY •a message may be digitally signed, but not encrypted •a message may be encrypted first, then digitally signed •a message may be digitally signed first, then encrypted Encryption scrambles or modifies a message or document so it cannot be read and understood, except by the intended recipient. A key is necessary to reverse the scrambling or modification, to make the message readable.
PREREQUISITES TO CREATE A DIGITAL SIGNATURE • Public-private digital key pair • Certificate Authority. • The public key certificate creates proof of the identity of the signer by using the services of a certificate authority. • A certificate authority uses a variety of processes to associate the particular public key with an individual. • The combination of public key and proof of identity result in a public key certificate - also called a signer's certificate.
HOW IT WORKS?
DIGITAL SIGNATURE VERIFICATION
SECURE SOCKET LAYER (SSL) SSL (Secure Sockets Layer) is a standard security technology for establishing an encrypted link between a server and a client—typically a web server (website) and a browser; or a mail server and a mail client
Where Do Certificates Come In? All browsers have the capability to interact with secured web servers using the SSL protocol. However, the browser and the server need what is called an SSL Certificate to be able to establish a secure connection.
What is an SSL Certificate? How Does it Work? SSL Certificates have a key pair: a public and a private key. These keys work together to establish an encrypted connection. The certificate also contains what is called the “subject,” which is the identity of the certificate/website owner.
How Does it Work? • To get a certificate, you must create a Certificate Signing Request (CSR) on your server. • This process creates a private key and public key on your server. • The CSR data file that you send to the SSL Certificate issuer (called a Certificate Authority or CA) contains the public key. • The CA uses the CSR data file to create a data structure to match your private key without compromising the key itself. The CA never sees the private key.
Certification Authority (CA) •A trusted agent who certifies public keys for general use (Corporation or Bank). –User has to decide which CAs can be trusted. •The model for key certification based on friends and friends of friends is called “Web of Trust”. –The public key is passing from friend to friend. –Works well in small or high connected worlds. –What if you receive a public key from someone you don’t know?
(CA MODEL) TRUST MODEL Root Certificate CA Certificate Browser Cert. CA Certificate Server Cert.
SSL Walkthrough
Client Browser connects to website Web Server Step 1: Client accesses website
Client Server responds with Certificate and key Web Server Step 2: Server responds with Certificate
Client Web Server CA Client verifies certificate with CA Step 3: Client verifies with CA
Client Web Server Random Key Client sends a random key to server encrypted with the public key Step 4: Client sends random key to server
Client Web Server Random Key Step 5: All communications are now encrypted with the Random key
What is the difference between Server Certificate and Client Certificate? How can I differentiate between them? How does IIS distinguish between Client and Server Certificates? Can I use a Server Certificate as a Client Certificate or Vice-Versa?
References https://www.globalsign.com/en/ssl-information-center/what-is-an-ssl-certificate/ https://www.evsslcertificate.com/ssl/description-ssl.html http://www.techtarget.com/ http://www.symantec.com/connect/blogs/client-certificates-vs-server-certificates-what-s-difference http://blogs.msdn.com/b/kaushal/archive/2012/02/18/client-certificates-v-s-server-certificates.aspx http://blogs.msdn.com/b/kaushal/archive/2010/11/05/ssl-certificates.aspx

Recommended

Digital certificate & signature
Digital certificate & signatureDigital certificate & signature
Digital certificate & signatureNetri Chowdhary
 
Digital Signature
Digital SignatureDigital Signature
Digital Signature
saurav5884
 
Digital Signature
Digital SignatureDigital Signature
Digital Signature
Evion Technologies
 
Digital Signature
Digital SignatureDigital Signature
Digital Signature
St Mary's College,Thrissur,Kerala
 
Kumkum digital certificate
Kumkum digital certificateKumkum digital certificate
Kumkum digital certificateKumkum Sharma
 
Digital signature & certificate
Digital signature & certificateDigital signature & certificate
Digital signature & certificate
NetGains Technologies Pvt. Ltd.
 
Digital certificates & its importance
Digital certificates & its importanceDigital certificates & its importance
Digital certificates & its importance
svm
 
Digital signature
Digital signatureDigital signature
Digital signature
Janani S
 

Recommended

Digital certificate & signature
Digital certificate & signatureDigital certificate & signature
Digital certificate & signatureNetri Chowdhary
 
Digital Signature
Digital SignatureDigital Signature
Digital Signature
saurav5884
 
Digital Signature
Digital SignatureDigital Signature
Digital Signature
Evion Technologies
 
Digital Signature
Digital SignatureDigital Signature
Digital Signature
St Mary's College,Thrissur,Kerala
 
Kumkum digital certificate
Kumkum digital certificateKumkum digital certificate
Kumkum digital certificateKumkum Sharma
 
Digital signature & certificate
Digital signature & certificateDigital signature & certificate
Digital signature & certificate
NetGains Technologies Pvt. Ltd.
 
Digital certificates & its importance
Digital certificates & its importanceDigital certificates & its importance
Digital certificates & its importance
svm
 
Digital signature
Digital signatureDigital signature
Digital signature
Janani S
 
Digital Certificate
Digital CertificateDigital Certificate
Digital Certificate
Sumant Diwakar
 
Cryptography Simplified - Symmetric Key, Public Key, PKI, Digital Signature, ...
Cryptography Simplified - Symmetric Key, Public Key, PKI, Digital Signature, ...Cryptography Simplified - Symmetric Key, Public Key, PKI, Digital Signature, ...
Cryptography Simplified - Symmetric Key, Public Key, PKI, Digital Signature, ...
Muhammad Faisal Naqvi, CISSP, CISA, AMBCI, ITIL, ISMS LA n Master
 
How to design a digital signature in odoo
How to design a digital signature in odooHow to design a digital signature in odoo
How to design a digital signature in odoo
PlanetOdoo
 
Digital Signature ppt
Digital Signature pptDigital Signature ppt
Digital Signature ppt
OECLIB Odisha Electronics Control Library
 
Digital Signatures
Digital SignaturesDigital Signatures
Digital Signatures
Sumanth Paramesh
 
Digital certificates
Digital certificates Digital certificates
Digital certificates Sheetal Verma
 
Cryptography
CryptographyCryptography
Cryptography
TanviGogri
 
Digital signatures
Digital signaturesDigital signatures
Digital signatures
ReachLocal Services India
 
Digital signature introduction
Digital signature introductionDigital signature introduction
Digital signature introduction
Asim Neupane
 
Digital signature
Digital signatureDigital signature
Digital signature9799907840kd
 
Pki and OpenSSL
Pki and OpenSSLPki and OpenSSL
Pki and OpenSSLTony Fabeen
 
Digital Signature
Digital SignatureDigital Signature
Digital SignatureJonathon Dosh
 
Hyperledger Indy Platform - Privacy, Security and Power for Digital Identity ...
Hyperledger Indy Platform - Privacy, Security and Power for Digital Identity ...Hyperledger Indy Platform - Privacy, Security and Power for Digital Identity ...
Hyperledger Indy Platform - Privacy, Security and Power for Digital Identity ...
Gokul Alex
 
kerberos
kerberoskerberos
kerberos
sameer farooq
 
as2 concepts
as2 conceptsas2 concepts
as2 concepts
littlefoxcommunications
 
Marco Casassa Mont: Pki overview
Marco Casassa Mont: Pki overviewMarco Casassa Mont: Pki overview
Marco Casassa Mont: Pki overview
Information Security Awareness Group
 
Digital signatures and e-Commerce
Digital signatures and e-CommerceDigital signatures and e-Commerce
Digital signatures and e-Commerce
Naveen Jakhar, I.T.S
 
SSl and certificates
SSl and certificatesSSl and certificates
SSl and certificatesNetri Chowdhary
 
Let's get started with passwordless authentication using windows hello in you...
Let's get started with passwordless authentication using windows hello in you...Let's get started with passwordless authentication using windows hello in you...
Let's get started with passwordless authentication using windows hello in you...
Chris Ryu
 
Digital Signiture
Digital SignitureDigital Signiture
Digital Signiture
Vikesh Bawane
 
Hacking Journalism: Using the Internet to Save the World
Hacking Journalism: Using the Internet to Save the WorldHacking Journalism: Using the Internet to Save the World
Hacking Journalism: Using the Internet to Save the World
Daniel Schultz
 
Advanced Web Hacking (EUSecWest 06)
Advanced Web Hacking (EUSecWest 06)Advanced Web Hacking (EUSecWest 06)
Advanced Web Hacking (EUSecWest 06)
Shreeraj Shah
 

More Related Content

What's hot

Digital Certificate
Digital CertificateDigital Certificate
Digital Certificate
Sumant Diwakar
 
Cryptography Simplified - Symmetric Key, Public Key, PKI, Digital Signature, ...
Cryptography Simplified - Symmetric Key, Public Key, PKI, Digital Signature, ...Cryptography Simplified - Symmetric Key, Public Key, PKI, Digital Signature, ...
Cryptography Simplified - Symmetric Key, Public Key, PKI, Digital Signature, ...
Muhammad Faisal Naqvi, CISSP, CISA, AMBCI, ITIL, ISMS LA n Master
 
How to design a digital signature in odoo
How to design a digital signature in odooHow to design a digital signature in odoo
How to design a digital signature in odoo
PlanetOdoo
 
Digital Signature ppt
Digital Signature pptDigital Signature ppt
Digital Signature ppt
OECLIB Odisha Electronics Control Library
 
Digital Signatures
Digital SignaturesDigital Signatures
Digital Signatures
Sumanth Paramesh
 
Digital certificates
Digital certificates Digital certificates
Digital certificates Sheetal Verma
 
Cryptography
CryptographyCryptography
Cryptography
TanviGogri
 
Digital signatures
Digital signaturesDigital signatures
Digital signatures
ReachLocal Services India
 
Digital signature introduction
Digital signature introductionDigital signature introduction
Digital signature introduction
Asim Neupane
 
Hyperledger Indy Platform - Privacy, Security and Power for Digital Identity ...
Hyperledger Indy Platform - Privacy, Security and Power for Digital Identity ...Hyperledger Indy Platform - Privacy, Security and Power for Digital Identity ...
Hyperledger Indy Platform - Privacy, Security and Power for Digital Identity ...
Gokul Alex
 
kerberos
kerberoskerberos
kerberos
sameer farooq
 
as2 concepts
as2 conceptsas2 concepts
as2 concepts
littlefoxcommunications
 
Marco Casassa Mont: Pki overview
Marco Casassa Mont: Pki overviewMarco Casassa Mont: Pki overview
Marco Casassa Mont: Pki overview
Information Security Awareness Group
 
Digital signatures and e-Commerce
Digital signatures and e-CommerceDigital signatures and e-Commerce
Digital signatures and e-Commerce
Naveen Jakhar, I.T.S
 
Let's get started with passwordless authentication using windows hello in you...
Let's get started with passwordless authentication using windows hello in you...Let's get started with passwordless authentication using windows hello in you...
Let's get started with passwordless authentication using windows hello in you...
Chris Ryu
 
Digital Signiture
Digital SignitureDigital Signiture
Digital Signiture
Vikesh Bawane
 

What's hot (20)

Digital Certificate
Digital CertificateDigital Certificate
Digital Certificate
 
Cryptography Simplified - Symmetric Key, Public Key, PKI, Digital Signature, ...
Cryptography Simplified - Symmetric Key, Public Key, PKI, Digital Signature, ...Cryptography Simplified - Symmetric Key, Public Key, PKI, Digital Signature, ...
Cryptography Simplified - Symmetric Key, Public Key, PKI, Digital Signature, ...
 
How to design a digital signature in odoo
How to design a digital signature in odooHow to design a digital signature in odoo
How to design a digital signature in odoo
 
Digital Signature ppt
Digital Signature pptDigital Signature ppt
Digital Signature ppt
 
Digital Signatures
Digital SignaturesDigital Signatures
Digital Signatures
 
Digital certificates
Digital certificates Digital certificates
Digital certificates
 
Cryptography
CryptographyCryptography
Cryptography
 
Digital signatures
Digital signaturesDigital signatures
Digital signatures
 
Digital signature introduction
Digital signature introductionDigital signature introduction
Digital signature introduction
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Pki and OpenSSL
Pki and OpenSSLPki and OpenSSL
Pki and OpenSSL
 
Digital Signature
Digital SignatureDigital Signature
Digital Signature
 
Hyperledger Indy Platform - Privacy, Security and Power for Digital Identity ...
Hyperledger Indy Platform - Privacy, Security and Power for Digital Identity ...Hyperledger Indy Platform - Privacy, Security and Power for Digital Identity ...
Hyperledger Indy Platform - Privacy, Security and Power for Digital Identity ...
 
kerberos
kerberoskerberos
kerberos
 
as2 concepts
as2 conceptsas2 concepts
as2 concepts
 
Marco Casassa Mont: Pki overview
Marco Casassa Mont: Pki overviewMarco Casassa Mont: Pki overview
Marco Casassa Mont: Pki overview
 
Digital signatures and e-Commerce
Digital signatures and e-CommerceDigital signatures and e-Commerce
Digital signatures and e-Commerce
 
SSl and certificates
SSl and certificatesSSl and certificates
SSl and certificates
 
Let's get started with passwordless authentication using windows hello in you...
Let's get started with passwordless authentication using windows hello in you...Let's get started with passwordless authentication using windows hello in you...
Let's get started with passwordless authentication using windows hello in you...
 
Digital Signiture
Digital SignitureDigital Signiture
Digital Signiture
 

Viewers also liked

Hacking Journalism: Using the Internet to Save the World
Hacking Journalism: Using the Internet to Save the WorldHacking Journalism: Using the Internet to Save the World
Hacking Journalism: Using the Internet to Save the World
Daniel Schultz
 
Advanced Web Hacking (EUSecWest 06)
Advanced Web Hacking (EUSecWest 06)Advanced Web Hacking (EUSecWest 06)
Advanced Web Hacking (EUSecWest 06)
Shreeraj Shah
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.ppt
kusum sharma
 
Encryption presentation final
Encryption presentation finalEncryption presentation final
Encryption presentation finaladrigee12
 
M tech2
M tech2M tech2
M tech2
vinodkumar K
 
Claims Based Authentication A Beginners Guide
Claims Based Authentication A Beginners GuideClaims Based Authentication A Beginners Guide
Claims Based Authentication A Beginners GuidePhuong Nguyen
 
Understanding Claim based Authentication
Understanding Claim based AuthenticationUnderstanding Claim based Authentication
Understanding Claim based Authentication
Mohammad Yousri
 
Webinar Gratuito: "JavaScript para Hacking Web"
Webinar Gratuito: "JavaScript para Hacking Web"Webinar Gratuito: "JavaScript para Hacking Web"
Webinar Gratuito: "JavaScript para Hacking Web"
Alonso Caballero
 
y3dips hacking priv8 network
y3dips hacking priv8 networky3dips hacking priv8 network
y3dips hacking priv8 network
idsecconf
 
What The Heck Is Hacking?
What The Heck Is Hacking? What The Heck Is Hacking?
What The Heck Is Hacking?
Lars Zimmermann
 
Advanced growth hacking
Advanced growth hackingAdvanced growth hacking
Advanced growth hacking
Vasil Azarov
 
2010: A Web Hacking Odyssey - Top Ten Hacks of the Year
2010: A Web Hacking Odyssey - Top Ten Hacks of the Year2010: A Web Hacking Odyssey - Top Ten Hacks of the Year
2010: A Web Hacking Odyssey - Top Ten Hacks of the Year
Jeremiah Grossman
 
Hacking web applications
Hacking web applicationsHacking web applications
Hacking web applications
phanleson
 
Travel Hacking 101
Travel Hacking 101Travel Hacking 101
Travel Hacking 101
nbuchan1
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
DEEPIKA WALIA
 
Web Hacking Series Part 1
Web Hacking Series Part 1Web Hacking Series Part 1
Web Hacking Series Part 1
Aditya Kamat
 
Website Hacking and Preventive Measures
Website Hacking and Preventive MeasuresWebsite Hacking and Preventive Measures
Website Hacking and Preventive Measures
Shubham Takode
 
The power of Structured Journalism & Hacker Culture in NPR
The power of Structured Journalism & Hacker Culture in NPRThe power of Structured Journalism & Hacker Culture in NPR
The power of Structured Journalism & Hacker Culture in NPR
Poderomedia
 
Top Ten Web Hacking Techniques (2008)
Top Ten Web Hacking Techniques (2008)Top Ten Web Hacking Techniques (2008)
Top Ten Web Hacking Techniques (2008)
Jeremiah Grossman
 

Viewers also liked (20)

Hacking Journalism: Using the Internet to Save the World
Hacking Journalism: Using the Internet to Save the WorldHacking Journalism: Using the Internet to Save the World
Hacking Journalism: Using the Internet to Save the World
 
Advanced Web Hacking (EUSecWest 06)
Advanced Web Hacking (EUSecWest 06)Advanced Web Hacking (EUSecWest 06)
Advanced Web Hacking (EUSecWest 06)
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.ppt
 
Encryption presentation final
Encryption presentation finalEncryption presentation final
Encryption presentation final
 
M tech2
M tech2M tech2
M tech2
 
Claims Based Authentication A Beginners Guide
Claims Based Authentication A Beginners GuideClaims Based Authentication A Beginners Guide
Claims Based Authentication A Beginners Guide
 
Understanding Claim based Authentication
Understanding Claim based AuthenticationUnderstanding Claim based Authentication
Understanding Claim based Authentication
 
Webinar Gratuito: "JavaScript para Hacking Web"
Webinar Gratuito: "JavaScript para Hacking Web"Webinar Gratuito: "JavaScript para Hacking Web"
Webinar Gratuito: "JavaScript para Hacking Web"
 
C3 and digital citizenship
C3 and digital citizenshipC3 and digital citizenship
C3 and digital citizenship
 
y3dips hacking priv8 network
y3dips hacking priv8 networky3dips hacking priv8 network
y3dips hacking priv8 network
 
What The Heck Is Hacking?
What The Heck Is Hacking? What The Heck Is Hacking?
What The Heck Is Hacking?
 
Advanced growth hacking
Advanced growth hackingAdvanced growth hacking
Advanced growth hacking
 
2010: A Web Hacking Odyssey - Top Ten Hacks of the Year
2010: A Web Hacking Odyssey - Top Ten Hacks of the Year2010: A Web Hacking Odyssey - Top Ten Hacks of the Year
2010: A Web Hacking Odyssey - Top Ten Hacks of the Year
 
Hacking web applications
Hacking web applicationsHacking web applications
Hacking web applications
 
Travel Hacking 101
Travel Hacking 101Travel Hacking 101
Travel Hacking 101
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Web Hacking Series Part 1
Web Hacking Series Part 1Web Hacking Series Part 1
Web Hacking Series Part 1
 
Website Hacking and Preventive Measures
Website Hacking and Preventive MeasuresWebsite Hacking and Preventive Measures
Website Hacking and Preventive Measures
 
The power of Structured Journalism & Hacker Culture in NPR
The power of Structured Journalism & Hacker Culture in NPRThe power of Structured Journalism & Hacker Culture in NPR
The power of Structured Journalism & Hacker Culture in NPR
 
Top Ten Web Hacking Techniques (2008)
Top Ten Web Hacking Techniques (2008)Top Ten Web Hacking Techniques (2008)
Top Ten Web Hacking Techniques (2008)
 

Similar to The world of encryption

Certificate pinning in android applications
Certificate pinning in android applicationsCertificate pinning in android applications
Certificate pinning in android applications
Arash Ramez
 
Secure socket layer
Secure socket layerSecure socket layer
Secure socket layer
BU
 
Digital certificates in e commerce
Digital certificates in e commerceDigital certificates in e commerce
Digital certificates in e commerce
mahesh tawade
 
Introduction of an SSL Certificate
Introduction of an SSL CertificateIntroduction of an SSL Certificate
Introduction of an SSL Certificate
CheapSSLUSA
 
Impact of digital certificate in network security
Impact of digital certificate in network securityImpact of digital certificate in network security
Impact of digital certificate in network security
rhassan84
 
Impact of digital certificate in network security
Impact of digital certificate in network securityImpact of digital certificate in network security
Impact of digital certificate in network security
rhassan84
 
Digital signature
Digital signatureDigital signature
Digital signature
AJAL A J
 
Demonstration of secure socket layer(synopsis)
Demonstration of secure socket layer(synopsis)Demonstration of secure socket layer(synopsis)
Demonstration of secure socket layer(synopsis)Mumbai Academisc
 
Certificates and Web of Trust
Certificates and Web of TrustCertificates and Web of Trust
Certificates and Web of Trust
Yousof Alsatom
 
PKI and Applications
PKI and ApplicationsPKI and Applications
PKI and ApplicationsSvetlin Nakov
 
The last picks
The last picksThe last picks
The last picks
Nafiur Rahman Tuhin
 
Chapter 2 System Security.pptx
Chapter 2 System Security.pptxChapter 2 System Security.pptx
Chapter 2 System Security.pptx
RushikeshChikane2
 
I would appreciate help with these 4 questions. Thank You.1) Expla.pdf
I would appreciate help with these 4 questions. Thank You.1) Expla.pdfI would appreciate help with these 4 questions. Thank You.1) Expla.pdf
I would appreciate help with these 4 questions. Thank You.1) Expla.pdf
JUSTSTYLISH3B2MOHALI
 
Secure sockets layer, ssl presentation
Secure sockets layer, ssl presentationSecure sockets layer, ssl presentation
Secure sockets layer, ssl presentation
Amjad Bhutto
 
Dr. Omar Ali Alibrahim - Ssl talk
Dr. Omar Ali Alibrahim - Ssl talkDr. Omar Ali Alibrahim - Ssl talk
Dr. Omar Ali Alibrahim - Ssl talk
promediakw
 
SSL
SSLSSL
SSL
Badrul Alam bulon
 
presentation2-151203145018-lva1-app6891.pdf
presentation2-151203145018-lva1-app6891.pdfpresentation2-151203145018-lva1-app6891.pdf
presentation2-151203145018-lva1-app6891.pdf
GumanSingh10
 
Ssl certificate in internet world
Ssl certificate in internet worldSsl certificate in internet world
Ssl certificate in internet world
jamesbarns729
 
Secure payment systems
Secure payment systemsSecure payment systems
Secure payment systemsAbdulaziz Mohd
 
Https
HttpsHttps
Https
Billa Kota Sriram
 

Similar to The world of encryption (20)

Certificate pinning in android applications
Certificate pinning in android applicationsCertificate pinning in android applications
Certificate pinning in android applications
 
Secure socket layer
Secure socket layerSecure socket layer
Secure socket layer
 
Digital certificates in e commerce
Digital certificates in e commerceDigital certificates in e commerce
Digital certificates in e commerce
 
Introduction of an SSL Certificate
Introduction of an SSL CertificateIntroduction of an SSL Certificate
Introduction of an SSL Certificate
 
Impact of digital certificate in network security
Impact of digital certificate in network securityImpact of digital certificate in network security
Impact of digital certificate in network security
 
Impact of digital certificate in network security
Impact of digital certificate in network securityImpact of digital certificate in network security
Impact of digital certificate in network security
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Demonstration of secure socket layer(synopsis)
Demonstration of secure socket layer(synopsis)Demonstration of secure socket layer(synopsis)
Demonstration of secure socket layer(synopsis)
 
Certificates and Web of Trust
Certificates and Web of TrustCertificates and Web of Trust
Certificates and Web of Trust
 
PKI and Applications
PKI and ApplicationsPKI and Applications
PKI and Applications
 
The last picks
The last picksThe last picks
The last picks
 
Chapter 2 System Security.pptx
Chapter 2 System Security.pptxChapter 2 System Security.pptx
Chapter 2 System Security.pptx
 
I would appreciate help with these 4 questions. Thank You.1) Expla.pdf
I would appreciate help with these 4 questions. Thank You.1) Expla.pdfI would appreciate help with these 4 questions. Thank You.1) Expla.pdf
I would appreciate help with these 4 questions. Thank You.1) Expla.pdf
 
Secure sockets layer, ssl presentation
Secure sockets layer, ssl presentationSecure sockets layer, ssl presentation
Secure sockets layer, ssl presentation
 
Dr. Omar Ali Alibrahim - Ssl talk
Dr. Omar Ali Alibrahim - Ssl talkDr. Omar Ali Alibrahim - Ssl talk
Dr. Omar Ali Alibrahim - Ssl talk
 
SSL
SSLSSL
SSL
 
presentation2-151203145018-lva1-app6891.pdf
presentation2-151203145018-lva1-app6891.pdfpresentation2-151203145018-lva1-app6891.pdf
presentation2-151203145018-lva1-app6891.pdf
 
Ssl certificate in internet world
Ssl certificate in internet worldSsl certificate in internet world
Ssl certificate in internet world
 
Secure payment systems
Secure payment systemsSecure payment systems
Secure payment systems
 
Https
HttpsHttps
Https
 

Recently uploaded

A Sighting of filterA in Typelevel Rite of Passage
A Sighting of filterA in Typelevel Rite of PassageA Sighting of filterA in Typelevel Rite of Passage
A Sighting of filterA in Typelevel Rite of Passage
Philip Schwarz
 
May Marketo Masterclass, London MUG May 22 2024.pdf
May Marketo Masterclass, London MUG May 22 2024.pdfMay Marketo Masterclass, London MUG May 22 2024.pdf
May Marketo Masterclass, London MUG May 22 2024.pdf
Adele Miller
 
Vitthal Shirke Microservices Resume Montevideo
Vitthal Shirke Microservices Resume MontevideoVitthal Shirke Microservices Resume Montevideo
Vitthal Shirke Microservices Resume Montevideo
Vitthal Shirke
 
AI Pilot Review: The World’s First Virtual Assistant Marketing Suite
AI Pilot Review: The World’s First Virtual Assistant Marketing SuiteAI Pilot Review: The World’s First Virtual Assistant Marketing Suite
AI Pilot Review: The World’s First Virtual Assistant Marketing Suite
Google
 
GraphSummit Paris - The art of the possible with Graph Technology
GraphSummit Paris - The art of the possible with Graph TechnologyGraphSummit Paris - The art of the possible with Graph Technology
GraphSummit Paris - The art of the possible with Graph Technology
Neo4j
 
Top Features to Include in Your Winzo Clone App for Business Growth (4).pptx
Top Features to Include in Your Winzo Clone App for Business Growth (4).pptxTop Features to Include in Your Winzo Clone App for Business Growth (4).pptx
Top Features to Include in Your Winzo Clone App for Business Growth (4).pptx
rickgrimesss22
 
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoamOpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
takuyayamamoto1800
 
Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...
Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...
Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...
Mind IT Systems
 
Graphic Design Crash Course for beginners
Graphic Design Crash Course for beginnersGraphic Design Crash Course for beginners
Graphic Design Crash Course for beginners
e20449
 
2024 RoOUG Security model for the cloud.pptx
2024 RoOUG Security model for the cloud.pptx2024 RoOUG Security model for the cloud.pptx
2024 RoOUG Security model for the cloud.pptx
Georgi Kodinov
 
Enhancing Research Orchestration Capabilities at ORNL.pdf
Enhancing Research Orchestration Capabilities at ORNL.pdfEnhancing Research Orchestration Capabilities at ORNL.pdf
Enhancing Research Orchestration Capabilities at ORNL.pdf
Globus
 
Dominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdf
Dominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdfDominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdf
Dominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdf
AMB-Review
 
GlobusWorld 2024 Opening Keynote session
GlobusWorld 2024 Opening Keynote sessionGlobusWorld 2024 Opening Keynote session
GlobusWorld 2024 Opening Keynote session
Globus
 
Cyaniclab : Software Development Agency Portfolio.pdf
Cyaniclab : Software Development Agency Portfolio.pdfCyaniclab : Software Development Agency Portfolio.pdf
Cyaniclab : Software Development Agency Portfolio.pdf
Cyanic lab
 
First Steps with Globus Compute Multi-User Endpoints
First Steps with Globus Compute Multi-User EndpointsFirst Steps with Globus Compute Multi-User Endpoints
First Steps with Globus Compute Multi-User Endpoints
Globus
 
Large Language Models and the End of Programming
Large Language Models and the End of ProgrammingLarge Language Models and the End of Programming
Large Language Models and the End of Programming
Matt Welsh
 
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
Globus
 
Globus Compute Introduction - GlobusWorld 2024
Globus Compute Introduction - GlobusWorld 2024Globus Compute Introduction - GlobusWorld 2024
Globus Compute Introduction - GlobusWorld 2024
Globus
 
Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus Compute wth IRI Workflows - GlobusWorld 2024Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus
 
Beyond Event Sourcing - Embracing CRUD for Wix Platform - Java.IL
Beyond Event Sourcing - Embracing CRUD for Wix Platform - Java.ILBeyond Event Sourcing - Embracing CRUD for Wix Platform - Java.IL
Beyond Event Sourcing - Embracing CRUD for Wix Platform - Java.IL
Natan Silnitsky
 

Recently uploaded (20)

A Sighting of filterA in Typelevel Rite of Passage
A Sighting of filterA in Typelevel Rite of PassageA Sighting of filterA in Typelevel Rite of Passage
A Sighting of filterA in Typelevel Rite of Passage
 
May Marketo Masterclass, London MUG May 22 2024.pdf
May Marketo Masterclass, London MUG May 22 2024.pdfMay Marketo Masterclass, London MUG May 22 2024.pdf
May Marketo Masterclass, London MUG May 22 2024.pdf
 
Vitthal Shirke Microservices Resume Montevideo
Vitthal Shirke Microservices Resume MontevideoVitthal Shirke Microservices Resume Montevideo
Vitthal Shirke Microservices Resume Montevideo
 
AI Pilot Review: The World’s First Virtual Assistant Marketing Suite
AI Pilot Review: The World’s First Virtual Assistant Marketing SuiteAI Pilot Review: The World’s First Virtual Assistant Marketing Suite
AI Pilot Review: The World’s First Virtual Assistant Marketing Suite
 
GraphSummit Paris - The art of the possible with Graph Technology
GraphSummit Paris - The art of the possible with Graph TechnologyGraphSummit Paris - The art of the possible with Graph Technology
GraphSummit Paris - The art of the possible with Graph Technology
 
Top Features to Include in Your Winzo Clone App for Business Growth (4).pptx
Top Features to Include in Your Winzo Clone App for Business Growth (4).pptxTop Features to Include in Your Winzo Clone App for Business Growth (4).pptx
Top Features to Include in Your Winzo Clone App for Business Growth (4).pptx
 
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoamOpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
 
Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...
Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...
Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...
 
Graphic Design Crash Course for beginners
Graphic Design Crash Course for beginnersGraphic Design Crash Course for beginners
Graphic Design Crash Course for beginners
 
2024 RoOUG Security model for the cloud.pptx
2024 RoOUG Security model for the cloud.pptx2024 RoOUG Security model for the cloud.pptx
2024 RoOUG Security model for the cloud.pptx
 
Enhancing Research Orchestration Capabilities at ORNL.pdf
Enhancing Research Orchestration Capabilities at ORNL.pdfEnhancing Research Orchestration Capabilities at ORNL.pdf
Enhancing Research Orchestration Capabilities at ORNL.pdf
 
Dominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdf
Dominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdfDominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdf
Dominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdf
 
GlobusWorld 2024 Opening Keynote session
GlobusWorld 2024 Opening Keynote sessionGlobusWorld 2024 Opening Keynote session
GlobusWorld 2024 Opening Keynote session
 
Cyaniclab : Software Development Agency Portfolio.pdf
Cyaniclab : Software Development Agency Portfolio.pdfCyaniclab : Software Development Agency Portfolio.pdf
Cyaniclab : Software Development Agency Portfolio.pdf
 
First Steps with Globus Compute Multi-User Endpoints
First Steps with Globus Compute Multi-User EndpointsFirst Steps with Globus Compute Multi-User Endpoints
First Steps with Globus Compute Multi-User Endpoints
 
Large Language Models and the End of Programming
Large Language Models and the End of ProgrammingLarge Language Models and the End of Programming
Large Language Models and the End of Programming
 
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
 
Globus Compute Introduction - GlobusWorld 2024
Globus Compute Introduction - GlobusWorld 2024Globus Compute Introduction - GlobusWorld 2024
Globus Compute Introduction - GlobusWorld 2024
 
Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus Compute wth IRI Workflows - GlobusWorld 2024Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus Compute wth IRI Workflows - GlobusWorld 2024
 
Beyond Event Sourcing - Embracing CRUD for Wix Platform - Java.IL
Beyond Event Sourcing - Embracing CRUD for Wix Platform - Java.ILBeyond Event Sourcing - Embracing CRUD for Wix Platform - Java.IL
Beyond Event Sourcing - Embracing CRUD for Wix Platform - Java.IL
 

The world of encryption

  • 2. ABSTRACT THIS PRESENTATION IS JUST PROVIDING THE BASIC CONCEPTS OF THE DIGITAL CERTIFICATES, AND DIGITAL SIGNATURES WITHOUT PROVIDING ANY TECHNICAL SOLUTION OR PREFERABLE TECHNOLOGIES.
  • 3. ENCRYPTION Encryption is the conversion of data into a form, called a CIPHER Text. The use of encryption/decryption is as old as the art of communication. Encryption/decryption is especially important in wireless communications. Encryption/decryption is a good idea when carrying out any kind of sensitive transaction. Ex: A credit-card purchase online, or the discussion of a company secret between different departments in the organization.
  • 4. TYPES OF ENCRYPTION PRIVATE KEY ENCRYPTION means that each computer has a secret key (code) that it can use to encrypt a packet of information before it is sent over the network to the other computer. PUBLIC KEY ENCRYPTION uses a combination of a private key and a public key. The key is based on a hash value. This is a value that is computed from a base input number using a hashing algorithm.
  • 5. DIGITAL SIGNATURES A DIGITAL SIGNATURE OR DIGITAL SIGNATURE SCHEME IS A MATHEMATICAL SCHEME FOR DEMONSTRATING THE AUTHENTICITY OF A DIGITAL MESSAGE OR DOCUMENT. A DIGITAL SIGNATURE CAN BE USED WITH ANY KIND OF MESSAGE, WHETHER IT IS ENCRYPTED OR NOT, SIMPLY SO THAT THE RECEIVER CAN BE SURE OF THE SENDER'S IDENTITY AND THAT THE MESSAGE ARRIVED INTACT.
  • 6. CREATION OF DIGITAL SIGNATURES a digital signature scheme typically consists of three algorithms: • hashing algorithm. • signature generation algorithm • a signature verifying algorithm that, given a message, public key and a signature, either accepts or rejects the message's claim to authenticity.
  • 7. METHODS OF ENCRYPTION BASED ON PRIVACY •a message may be digitally signed, but not encrypted •a message may be encrypted first, then digitally signed •a message may be digitally signed first, then encrypted Encryption scrambles or modifies a message or document so it cannot be read and understood, except by the intended recipient. A key is necessary to reverse the scrambling or modification, to make the message readable.
  • 8. PREREQUISITES TO CREATE A DIGITAL SIGNATURE • Public-private digital key pair • Certificate Authority. • The public key certificate creates proof of the identity of the signer by using the services of a certificate authority. • A certificate authority uses a variety of processes to associate the particular public key with an individual. • The combination of public key and proof of identity result in a public key certificate - also called a signer's certificate.
  • 11. SECURE SOCKET LAYER (SSL) SSL (Secure Sockets Layer) is a standard security technology for establishing an encrypted link between a server and a client—typically a web server (website) and a browser; or a mail server and a mail client
  • 12. Where Do Certificates Come In? All browsers have the capability to interact with secured web servers using the SSL protocol. However, the browser and the server need what is called an SSL Certificate to be able to establish a secure connection.
  • 13. What is an SSL Certificate? How Does it Work? SSL Certificates have a key pair: a public and a private key. These keys work together to establish an encrypted connection. The certificate also contains what is called the “subject,” which is the identity of the certificate/website owner.
  • 14. How Does it Work? • To get a certificate, you must create a Certificate Signing Request (CSR) on your server. • This process creates a private key and public key on your server. • The CSR data file that you send to the SSL Certificate issuer (called a Certificate Authority or CA) contains the public key. • The CA uses the CSR data file to create a data structure to match your private key without compromising the key itself. The CA never sees the private key.
  • 15. Certification Authority (CA) •A trusted agent who certifies public keys for general use (Corporation or Bank). –User has to decide which CAs can be trusted. •The model for key certification based on friends and friends of friends is called “Web of Trust”. –The public key is passing from friend to friend. –Works well in small or high connected worlds. –What if you receive a public key from someone you don’t know?
  • 16. (CA MODEL) TRUST MODEL Root Certificate CA Certificate Browser Cert. CA Certificate Server Cert.
  • 18. Client Browser connects to website Web Server Step 1: Client accesses website
  • 19. Client Server responds with Certificate and key Web Server Step 2: Server responds with Certificate
  • 20. Client Web Server CA Client verifies certificate with CA Step 3: Client verifies with CA
  • 21. Client Web Server Random Key Client sends a random key to server encrypted with the public key Step 4: Client sends random key to server
  • 22. Client Web Server Random Key Step 5: All communications are now encrypted with the Random key
  • 23. What is the difference between Server Certificate and Client Certificate? How can I differentiate between them? How does IIS distinguish between Client and Server Certificates? Can I use a Server Certificate as a Client Certificate or Vice-Versa?

Editor's Notes

  1. Symmetric Encryption Symmetric encryption is the oldest and best-known technique. A secret key, which can be a number, a word, or just a string of random letters, is applied to the text of a message to change the content in a particular way. This might be as simple as shifting each letter by a number of places in the alphabet. As long as both sender and recipient know the secret key, they can encrypt and decrypt all messages that use this key. Asymmetric Encryption The problem with secret keys is exchanging them over the Internet or a large network while preventing them from falling into the wrong hands. Anyone who knows the secret key can decrypt the message. One answer is asymmetric encryption, in which there are two related keys--a key pair. A public key is made freely available to anyone who might want to send you a message. A second, private key is kept secret, so that only you know it.  Any message (text, binary files, or documents) that are encrypted by using the public key can only be decrypted by applying the same algorithm, but by using the matching private key. Any message that is encrypted by using the private key can only be decrypted by using the matching public key.  This means that you do not have to worry about passing public keys over the Internet (the keys are supposed to be public). A problem with asymmetric encryption, however, is that it is slower than symmetric encryption. It requires far more processing power to both encrypt and decrypt the content of the message.
  2. Public Key cryptography also known as asymmetric cryptography, is a class of cryptographic algorithms which requires two separate keys, one of which is secret (or private) and one of which is public. Although different, the two parts of this key pair are mathematically linked. The public key is used to encrypt plaintext or to verify a digital signature; whereas the private key is used to decrypt ciphertext or to create a digital signature. The term "asymmetric" stems from the use of different keys to perform these opposite functions, each the inverse of the other – as contrasted with conventional ("symmetric") cryptography which relies on the same key to perform both, Public-key encryption, in which a message is encrypted with a recipient's public key. The message cannot be decrypted by anyone who does not possess the matching private key, who is thus presumed to be the owner of that key and the person associated with the public key. This is used in an attempt to ensure confidentiality.
  3. Digital signatures are based on public key cryptography, also known as asymmetric cryptography. Using a public key algorithm such as RSA, one can generate two keys that are mathematically linked: one private and one public. To create a digital signature, signing software (such as an email program) creates a one-way hash of the electronic data to be signed. The private key is then used to encrypt the hash. The encrypted hash -- along with other information, such as the hashing algorithm -- is the digital signature. The reason for encrypting the hash instead of the entire message or document is that a hash function can convert an arbitrary input into a fixed length value, which is usually much shorter. This saves time since hashing is much faster than signing.