SlideShare uma empresa Scribd logo

Digital certificates

Transferir como PPTX, PDF
Buddhika Karunanayaka
Buddhika Karunanayaka

PKI, Digital Certificate

Tecnologia
1 de 15
Digital Certificates (PKI) 1
Cryptography History • Cryptography is the art of encrypting and decrypting information • The earliest known use of cryptography was the Egyptians in 1900BC • Julius Ceaser use a simple substituion cipher to secure his communications • Thomas Jefferson, in 1790, invented a cipher wheel that the US Navy used in WWII • In the late 20s and early 30s, the FBI established an office to combat the increasing use of cryptography by criminals (rum runners) • Dr. Hosrt Feistel invented the precusor to DES while at IBM • In 1976, the Federal Govt introduced DES based on using Feistel ciphers • In 1977, Scientific American magazine introduced us to Rivest, Shamir and • Aldeman or RSA encryption. They offered it for free with a self addressed • envelope and the NSA promptly freaked out • 1990 brought us the 128 bit cipher called “IDEA” • X.500 was the orginal protocol in 1988 • X.509 V3 was released in 1996 2
(X.509 digital certificates)what for ● 802.1x port authentication ● Digital Signatures ● File Encryption ● Web Authorization (SSL) ● IP Security (end-point to end-point) ● Secure Email ● VPNs 3
Digital Certificate Electronic Certificate it contains information about an individual or entity. It Is issued from a trusted 3rd party. Contains information that can prove its authenticity. Has an expiration date.It Is presented to someone (or some thing) for validation. (Ex. driver’s license or passport) 4
Introduction to Public Key Infrastructure (PKI) PKI is a security architecture that has been introduced to provide an increased level of confidence for exchanging information over an increasingly insecure Internet. Public |<>| Private 5
The Public Key used for Encryption Another person uses your public encryption key when they want to send you confidential information. The information to be sent is encrypted using your public key*. You can provide your public key to the sender, or it can be retrieved from the directory in which it is published. 6
The Private Key used for Decryption A private key is used to decrypt information that has been encrypted using its corresponding public key. The person using the private key can be certain that the information it is able to decrypt must have been intended for them, but they cannot be certain who the information is from. 7
Plain text Encrypt with B’s public key Plain text Decrypt with B’s private key Sender (A) Netwo rk Receiver (B) Cipher text Cipher text 8
Customer A Customer B Customer C Bank’s public key Bank’s public key Bank’s public key Bank’s private key Bank 9
C1(S1) C4(S4) C2(S2) C3(S3) S1 S2 S3 S4 Certificate Servers Certificate Generator 10
Certification Authority (CA) It Is a combination of hardware and software which is responsible for creating digital certificates It can issue certificates to individuals, organizations, network devices, servers, or other CAs 11
Support for Windows / Linux • Outlook • Lotus Notes • Netscape / Mozilla • Thunderbird 12
PKI (Public Key Infrastructure) -Infrastructure using pairs of public and private keys to ensure privacy and security of data. Private Key -One half of the PKI key pair and which is never given out to anyone. This key can be protected by a password. Public Key -The second half of the PKI key pair that can be given out to the public or placed on a key server. CA (Certificate Authority) (Ex. DNS) -A trusted authority that signs your certificates and validates the certificate. Terminology 13
Self Signed Certificate – A digital certificate that you signed and validated using a private CA and is not trusted by default in the real world. SSL (Secure Socket Layer) – A protocol developed by Netscape to provide a secure method of exchanging data using a browser over a public network such as the internet. Hash -Hashing is taking a file and applying a hashing algorithm to it and generating a mathematical checksum. RSA (Rivest, Shamir and Aldeman) – A public key cipher that can be used to encrypt and to digitally sign. DSA (Digital Signing Algorithm) – Like RSA, it is a public key cipher but it can only be used to digitally sign. PKCS#12 (Personal Information Exchange Syntax) – A portable container file format that can be used to transfer certificates and private keys. Terminology 14
algorithm MD5 – Message Digest 5. Hash algorithm that was released in 1991. SHA1 – Secure Hash Algorithm version 1 ciper was released in 1995. There are improved versions of SHA collectively called “SHA2” 15

Recomendados

Digital Certificate
Digital CertificateDigital Certificate
Digital CertificateSumant Diwakar
 
Digital signatures
Digital signaturesDigital signatures
Digital signaturesIshwar Dayal
 
Public key Infrastructure (PKI)
Public key Infrastructure (PKI)Public key Infrastructure (PKI)
Public key Infrastructure (PKI)Venkatesh Jambulingam
 
Introduction to Public Key Infrastructure
Introduction to Public Key InfrastructureIntroduction to Public Key Infrastructure
Introduction to Public Key InfrastructureTheo Gravity
 
Digital certificates
Digital certificatesDigital certificates
Digital certificatesSimmi Kamra
 
Digital certificates
Digital certificates Digital certificates
Digital certificates Sheetal Verma
 
Digital signature
Digital signatureDigital signature
Digital signatureAJAL A J
 
Digital signature
Digital signatureDigital signature
Digital signaturePraseela R
 

Recomendados

Digital Certificate
Digital CertificateDigital Certificate
Digital CertificateSumant Diwakar
 
Digital signatures
Digital signaturesDigital signatures
Digital signaturesIshwar Dayal
 
Public key Infrastructure (PKI)
Public key Infrastructure (PKI)Public key Infrastructure (PKI)
Public key Infrastructure (PKI)Venkatesh Jambulingam
 
Introduction to Public Key Infrastructure
Introduction to Public Key InfrastructureIntroduction to Public Key Infrastructure
Introduction to Public Key InfrastructureTheo Gravity
 
Digital certificates
Digital certificatesDigital certificates
Digital certificatesSimmi Kamra
 
Digital certificates
Digital certificates Digital certificates
Digital certificates Sheetal Verma
 
Digital signature
Digital signatureDigital signature
Digital signatureAJAL A J
 
Digital signature
Digital signatureDigital signature
Digital signaturePraseela R
 
Digital Signature
Digital SignatureDigital Signature
Digital Signaturesaurav5884
 
PKI and Applications
PKI and ApplicationsPKI and Applications
PKI and ApplicationsSvetlin Nakov
 
Cryptography
CryptographyCryptography
CryptographyDarshini Parikh
 
Digital signature & certificate
Digital signature & certificateDigital signature & certificate
Digital signature & certificateNetGains Technologies Pvt. Ltd.
 
Digital signature(Cryptography)
Digital signature(Cryptography)Digital signature(Cryptography)
Digital signature(Cryptography)Soham Kansodaria
 
public key infrastructure
public key infrastructurepublic key infrastructure
public key infrastructurevimal kumar
 
An introduction to X.509 certificates
An introduction to X.509 certificatesAn introduction to X.509 certificates
An introduction to X.509 certificatesStephane Potier
 
Introduction to Digital signatures
Introduction to Digital signaturesIntroduction to Digital signatures
Introduction to Digital signaturesRohit Bhat
 
Digital signature
Digital signatureDigital signature
Digital signatureFilipp Kolobov
 
Encryption technology
Encryption technologyEncryption technology
Encryption technologyNeha Bhambu
 
Public Vs. Private Keys
Public Vs. Private KeysPublic Vs. Private Keys
Public Vs. Private Keys101 Blockchains
 
Ch12 Cryptographic Protocols and Public Key Infrastructure
Ch12 Cryptographic Protocols and Public Key InfrastructureCh12 Cryptographic Protocols and Public Key Infrastructure
Ch12 Cryptographic Protocols and Public Key InfrastructureInformation Technology
 
SSL
SSLSSL
SSLBadrul Alam bulon
 
Digital certificates &amp; its importance
Digital certificates &amp; its importanceDigital certificates &amp; its importance
Digital certificates &amp; its importancesvm
 
Digital signature
Digital signatureDigital signature
Digital signatureHossain Md Shakhawat
 
Cryptography
CryptographyCryptography
CryptographySidharth Mohapatra
 
Digital Signature
Digital SignatureDigital Signature
Digital SignatureMohamed Talaat
 
X.509 Certificates
X.509 CertificatesX.509 Certificates
X.509 CertificatesSou Jana
 
Digital Signature ppt
Digital Signature pptDigital Signature ppt
Digital Signature pptOECLIB Odisha Electronics Control Library
 
Introduction To PKI Technology
Introduction To PKI TechnologyIntroduction To PKI Technology
Introduction To PKI TechnologySylvain Maret
 
Digital certificates and information security
Digital certificates and information securityDigital certificates and information security
Digital certificates and information securityDevam Shah
 
Seminar ppt on digital signature
Seminar ppt on digital signatureSeminar ppt on digital signature
Seminar ppt on digital signaturejolly9293
 

Mais conteúdo relacionado

Mais procurados

Digital Signature
Digital SignatureDigital Signature
Digital Signaturesaurav5884
 
PKI and Applications
PKI and ApplicationsPKI and Applications
PKI and ApplicationsSvetlin Nakov
 
Digital signature(Cryptography)
Digital signature(Cryptography)Digital signature(Cryptography)
Digital signature(Cryptography)Soham Kansodaria
 
public key infrastructure
public key infrastructurepublic key infrastructure
public key infrastructurevimal kumar
 
An introduction to X.509 certificates
An introduction to X.509 certificatesAn introduction to X.509 certificates
An introduction to X.509 certificatesStephane Potier
 
Introduction to Digital signatures
Introduction to Digital signaturesIntroduction to Digital signatures
Introduction to Digital signaturesRohit Bhat
 
Encryption technology
Encryption technologyEncryption technology
Encryption technologyNeha Bhambu
 
Ch12 Cryptographic Protocols and Public Key Infrastructure
Ch12 Cryptographic Protocols and Public Key InfrastructureCh12 Cryptographic Protocols and Public Key Infrastructure
Ch12 Cryptographic Protocols and Public Key InfrastructureInformation Technology
 
Digital certificates &amp; its importance
Digital certificates &amp; its importanceDigital certificates &amp; its importance
Digital certificates &amp; its importancesvm
 
X.509 Certificates
X.509 CertificatesX.509 Certificates
X.509 CertificatesSou Jana
 
Introduction To PKI Technology
Introduction To PKI TechnologyIntroduction To PKI Technology
Introduction To PKI TechnologySylvain Maret
 

Mais procurados (20)

Digital Signature
Digital SignatureDigital Signature
Digital Signature
 
PKI and Applications
PKI and ApplicationsPKI and Applications
PKI and Applications
 
Cryptography
CryptographyCryptography
Cryptography
 
Digital signature & certificate
Digital signature & certificateDigital signature & certificate
Digital signature & certificate
 
Digital signature(Cryptography)
Digital signature(Cryptography)Digital signature(Cryptography)
Digital signature(Cryptography)
 
public key infrastructure
public key infrastructurepublic key infrastructure
public key infrastructure
 
An introduction to X.509 certificates
An introduction to X.509 certificatesAn introduction to X.509 certificates
An introduction to X.509 certificates
 
Introduction to Digital signatures
Introduction to Digital signaturesIntroduction to Digital signatures
Introduction to Digital signatures
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Encryption technology
Encryption technologyEncryption technology
Encryption technology
 
Public Vs. Private Keys
Public Vs. Private KeysPublic Vs. Private Keys
Public Vs. Private Keys
 
Ch12 Cryptographic Protocols and Public Key Infrastructure
Ch12 Cryptographic Protocols and Public Key InfrastructureCh12 Cryptographic Protocols and Public Key Infrastructure
Ch12 Cryptographic Protocols and Public Key Infrastructure
 
SSL
SSLSSL
SSL
 
Digital certificates &amp; its importance
Digital certificates &amp; its importanceDigital certificates &amp; its importance
Digital certificates &amp; its importance
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Cryptography
CryptographyCryptography
Cryptography
 
Digital Signature
Digital SignatureDigital Signature
Digital Signature
 
X.509 Certificates
X.509 CertificatesX.509 Certificates
X.509 Certificates
 
Digital Signature ppt
Digital Signature pptDigital Signature ppt
Digital Signature ppt
 
Introduction To PKI Technology
Introduction To PKI TechnologyIntroduction To PKI Technology
Introduction To PKI Technology
 

Destaque

Digital certificates and information security
Digital certificates and information securityDigital certificates and information security
Digital certificates and information securityDevam Shah
 
Seminar ppt on digital signature
Seminar ppt on digital signatureSeminar ppt on digital signature
Seminar ppt on digital signaturejolly9293
 
Basic concept of pki
Basic concept of pkiBasic concept of pki
Basic concept of pkiPrabhat Goel
 
Understanding Digital Certificates & Secure Sockets Layer
Understanding Digital Certificates & Secure Sockets LayerUnderstanding Digital Certificates & Secure Sockets Layer
Understanding Digital Certificates & Secure Sockets LayerCheapSSLUSA
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentationAmandeep Kaur
 
Intrusion detection system ppt
Intrusion detection system pptIntrusion detection system ppt
Intrusion detection system pptSheetal Verma
 
Introduction of firewall slides
Introduction of firewall slidesIntroduction of firewall slides
Introduction of firewall slidesrahul kundu
 
Cryptography & Digital certificate
Cryptography & Digital certificateCryptography & Digital certificate
Cryptography & Digital certificateDeepak Kumar (D3)
 
Kumkum digital certificate
Kumkum digital certificateKumkum digital certificate
Kumkum digital certificateKumkum Sharma
 

Destaque (14)

Digital certificates and information security
Digital certificates and information securityDigital certificates and information security
Digital certificates and information security
 
Seminar ppt on digital signature
Seminar ppt on digital signatureSeminar ppt on digital signature
Seminar ppt on digital signature
 
Basic concept of pki
Basic concept of pkiBasic concept of pki
Basic concept of pki
 
Pki for dummies
Pki for dummiesPki for dummies
Pki for dummies
 
Firewall
Firewall Firewall
Firewall
 
Understanding Digital Certificates & Secure Sockets Layer
Understanding Digital Certificates & Secure Sockets LayerUnderstanding Digital Certificates & Secure Sockets Layer
Understanding Digital Certificates & Secure Sockets Layer
 
Kerberos
KerberosKerberos
Kerberos
 
Kerberos
KerberosKerberos
Kerberos
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentation
 
Intrusion detection system ppt
Intrusion detection system pptIntrusion detection system ppt
Intrusion detection system ppt
 
Introduction of firewall slides
Introduction of firewall slidesIntroduction of firewall slides
Introduction of firewall slides
 
Cryptography & Digital certificate
Cryptography & Digital certificateCryptography & Digital certificate
Cryptography & Digital certificate
 
Kumkum digital certificate
Kumkum digital certificateKumkum digital certificate
Kumkum digital certificate
 
PKI in Korea
PKI in KoreaPKI in Korea
PKI in Korea
 

Semelhante a Digital certificates

Rothke Info Security Canada 2007 Final
Rothke Info Security Canada 2007 FinalRothke Info Security Canada 2007 Final
Rothke Info Security Canada 2007 FinalBen Rothke
 
computer-security-and-cryptography-a-simple-presentation
computer-security-and-cryptography-a-simple-presentationcomputer-security-and-cryptography-a-simple-presentation
computer-security-and-cryptography-a-simple-presentationAlex Punnen
 
Digital signature and digital identity
Digital signature and digital identityDigital signature and digital identity
Digital signature and digital identityEmanuele Cisbani
 
Basic Cryptography unit 4 CSS
Basic Cryptography unit 4 CSSBasic Cryptography unit 4 CSS
Basic Cryptography unit 4 CSSSURBHI SAROHA
 
Slide Deck – Session 6 – FRSecure CISSP Mentor Program 2017
Slide Deck – Session 6 – FRSecure CISSP Mentor Program 2017Slide Deck – Session 6 – FRSecure CISSP Mentor Program 2017
Slide Deck – Session 6 – FRSecure CISSP Mentor Program 2017FRSecure
 
15 intro to ssl certificate &amp; pki concept
15 intro to ssl certificate &amp; pki concept15 intro to ssl certificate &amp; pki concept
15 intro to ssl certificate &amp; pki conceptMostafa El Lathy
 
Dr Petar Radanliev, PhD Thesis Department of Computer Sciences, University of...
Dr Petar Radanliev, PhD Thesis Department of Computer Sciences, University of...Dr Petar Radanliev, PhD Thesis Department of Computer Sciences, University of...
Dr Petar Radanliev, PhD Thesis Department of Computer Sciences, University of...Petar Radanliev
 
How encryption works
How encryption worksHow encryption works
How encryption worksMariko Saitoh
 
How encryption works
How encryption worksHow encryption works
How encryption workss1180012
 
Cryptography
CryptographyCryptography
CryptographyJasim Jas
 
Secure 3 kany-vanda
Secure 3 kany-vandaSecure 3 kany-vanda
Secure 3 kany-vandaVanda KANY
 
Linux for Cybersecurity CYB110 - Unit 7.ppsx
Linux for Cybersecurity CYB110 - Unit 7.ppsxLinux for Cybersecurity CYB110 - Unit 7.ppsx
Linux for Cybersecurity CYB110 - Unit 7.ppsxBrenoMeister
 

Semelhante a Digital certificates (20)

Rothke Info Security Canada 2007 Final
Rothke Info Security Canada 2007 FinalRothke Info Security Canada 2007 Final
Rothke Info Security Canada 2007 Final
 
s117
s117s117
s117
 
computer-security-and-cryptography-a-simple-presentation
computer-security-and-cryptography-a-simple-presentationcomputer-security-and-cryptography-a-simple-presentation
computer-security-and-cryptography-a-simple-presentation
 
Digital signature and digital identity
Digital signature and digital identityDigital signature and digital identity
Digital signature and digital identity
 
Basic Cryptography unit 4 CSS
Basic Cryptography unit 4 CSSBasic Cryptography unit 4 CSS
Basic Cryptography unit 4 CSS
 
Data encryption
Data encryptionData encryption
Data encryption
 
Slide Deck – Session 6 – FRSecure CISSP Mentor Program 2017
Slide Deck – Session 6 – FRSecure CISSP Mentor Program 2017Slide Deck – Session 6 – FRSecure CISSP Mentor Program 2017
Slide Deck – Session 6 – FRSecure CISSP Mentor Program 2017
 
15 intro to ssl certificate &amp; pki concept
15 intro to ssl certificate &amp; pki concept15 intro to ssl certificate &amp; pki concept
15 intro to ssl certificate &amp; pki concept
 
Dr Petar Radanliev, PhD Thesis Department of Computer Sciences, University of...
Dr Petar Radanliev, PhD Thesis Department of Computer Sciences, University of...Dr Petar Radanliev, PhD Thesis Department of Computer Sciences, University of...
Dr Petar Radanliev, PhD Thesis Department of Computer Sciences, University of...
 
How encryption works
How encryption worksHow encryption works
How encryption works
 
Cryptography
CryptographyCryptography
Cryptography
 
Sw2
Sw2Sw2
Sw2
 
Week 12 slide
Week 12 slideWeek 12 slide
Week 12 slide
 
Week 12 slide
Week 12 slideWeek 12 slide
Week 12 slide
 
How encryption works
How encryption worksHow encryption works
How encryption works
 
Cryptography
CryptographyCryptography
Cryptography
 
Secure 3 kany-vanda
Secure 3 kany-vandaSecure 3 kany-vanda
Secure 3 kany-vanda
 
$ii7oi5i-12
$ii7oi5i-12$ii7oi5i-12
$ii7oi5i-12
 
Linux for Cybersecurity CYB110 - Unit 7.ppsx
Linux for Cybersecurity CYB110 - Unit 7.ppsxLinux for Cybersecurity CYB110 - Unit 7.ppsx
Linux for Cybersecurity CYB110 - Unit 7.ppsx
 
Week12
Week12Week12
Week12
 

Último

Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 

Último (20)

Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 

Digital certificates

  • 2. Cryptography History • Cryptography is the art of encrypting and decrypting information • The earliest known use of cryptography was the Egyptians in 1900BC • Julius Ceaser use a simple substituion cipher to secure his communications • Thomas Jefferson, in 1790, invented a cipher wheel that the US Navy used in WWII • In the late 20s and early 30s, the FBI established an office to combat the increasing use of cryptography by criminals (rum runners) • Dr. Hosrt Feistel invented the precusor to DES while at IBM • In 1976, the Federal Govt introduced DES based on using Feistel ciphers • In 1977, Scientific American magazine introduced us to Rivest, Shamir and • Aldeman or RSA encryption. They offered it for free with a self addressed • envelope and the NSA promptly freaked out • 1990 brought us the 128 bit cipher called “IDEA” • X.500 was the orginal protocol in 1988 • X.509 V3 was released in 1996 2
  • 3. (X.509 digital certificates)what for ● 802.1x port authentication ● Digital Signatures ● File Encryption ● Web Authorization (SSL) ● IP Security (end-point to end-point) ● Secure Email ● VPNs 3
  • 4. Digital Certificate Electronic Certificate it contains information about an individual or entity. It Is issued from a trusted 3rd party. Contains information that can prove its authenticity. Has an expiration date.It Is presented to someone (or some thing) for validation. (Ex. driver’s license or passport) 4
  • 5. Introduction to Public Key Infrastructure (PKI) PKI is a security architecture that has been introduced to provide an increased level of confidence for exchanging information over an increasingly insecure Internet. Public |<>| Private 5
  • 6. The Public Key used for Encryption Another person uses your public encryption key when they want to send you confidential information. The information to be sent is encrypted using your public key*. You can provide your public key to the sender, or it can be retrieved from the directory in which it is published. 6
  • 7. The Private Key used for Decryption A private key is used to decrypt information that has been encrypted using its corresponding public key. The person using the private key can be certain that the information it is able to decrypt must have been intended for them, but they cannot be certain who the information is from. 7
  • 8. Plain text Encrypt with B’s public key Plain text Decrypt with B’s private key Sender (A) Netwo rk Receiver (B) Cipher text Cipher text 8
  • 10. C1(S1) C4(S4) C2(S2) C3(S3) S1 S2 S3 S4 Certificate Servers Certificate Generator 10
  • 11. Certification Authority (CA) It Is a combination of hardware and software which is responsible for creating digital certificates It can issue certificates to individuals, organizations, network devices, servers, or other CAs 11
  • 12. Support for Windows / Linux • Outlook • Lotus Notes • Netscape / Mozilla • Thunderbird 12
  • 13. PKI (Public Key Infrastructure) -Infrastructure using pairs of public and private keys to ensure privacy and security of data. Private Key -One half of the PKI key pair and which is never given out to anyone. This key can be protected by a password. Public Key -The second half of the PKI key pair that can be given out to the public or placed on a key server. CA (Certificate Authority) (Ex. DNS) -A trusted authority that signs your certificates and validates the certificate. Terminology 13
  • 14. Self Signed Certificate – A digital certificate that you signed and validated using a private CA and is not trusted by default in the real world. SSL (Secure Socket Layer) – A protocol developed by Netscape to provide a secure method of exchanging data using a browser over a public network such as the internet. Hash -Hashing is taking a file and applying a hashing algorithm to it and generating a mathematical checksum. RSA (Rivest, Shamir and Aldeman) – A public key cipher that can be used to encrypt and to digitally sign. DSA (Digital Signing Algorithm) – Like RSA, it is a public key cipher but it can only be used to digitally sign. PKCS#12 (Personal Information Exchange Syntax) – A portable container file format that can be used to transfer certificates and private keys. Terminology 14
  • 15. algorithm MD5 – Message Digest 5. Hash algorithm that was released in 1991. SHA1 – Secure Hash Algorithm version 1 ciper was released in 1995. There are improved versions of SHA collectively called “SHA2” 15