Digital Certificates

What is a digital certificate?

In cryptography, a digital certificate is an electronic document that uses a digital signature to bind together a public key with an identity – for example, the name of an organization. The certificate is used to confirm that a public key belongs to a specific organization.

What is the purpose of a digital certificate?

The digital certificate is used to establish a trusted environment between two remote entities (two private individuals or a person and a web server) that need to mutually identify each other in order to communicate and/or exchange confidential information.


Certificate Authority

What is a Certificate Authority (CA), and why are CAs necessary?

A Certificate Authority (CA) is an organization that issues digital certificates to be used by other parties. These certificates contain the certificate holder’s public key, and also authenticate the certificate holder’s identity. CAs are needed because they act as trusted third parties that certify the identity of certificate owners, and sign the digital certificates which enable encryption of data transmitted between certificate owners and relying parties.


PKI

What is a public-key infrastructure (PKI)?

The purpose of a public-key infrastructure is to manage keys and digital certificates. By managing keys and certificates through a PKI, an organization establishes and maintains a trustworthy networking environment. A PKI enables the use of encryption and digital signature services across a wide variety of applications.


Symmetric and asymmetric cryptography

What is a public key (used in asymmetric cryptography)?

Public-key cryptography is a method used to securely send and exchange messages (authentication of the sender, guarantee of integrity and confidentiality). This technique is based on the principle of an “asymmetric key pair” consisting of encryption keys (encryption is the general term used for mathematical data encoding and decoding techniques). Each individual involved in a transaction has a “private key” and a “public key.” You mustn’t divulge your private key to anyone, but you can give your public key to all of your contacts, with no restrictions. The general principles of public key cryptography are described below:

  • A message encoded with a private key can only be decoded using the associated public key.
  • Similarly, a message encoded with a public key can only be decoded using the associated private key.
  • A given public key can only be associated with a single private key (several different private keys cannot have the same public key as their complement).
  • Likewise, a given private key can only be associated with a single public key (several different public keys cannot have the same private key as their complement).
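
The key-pair principles above, and the way a CA uses them to bind an identity to a public key, shown as an added example that is not part of the original page. It uses textbook RSA without padding and fixed, well-known primes purely for illustration; the function names, the "Example Org" identity and both key pairs are assumptions made for the example.

```python
# Toy textbook RSA for illustration only: no padding, fixed well-known primes.
import hashlib

E = 65537  # common public exponent

def keypair(p, q):
    """Build (public, private) keys, each an (exponent, modulus) pair."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent (Python 3.8+)
    return (E, n), (d, n)

def apply_key(key, value):
    """The single RSA operation, value^exponent mod n, used in both directions."""
    exponent, n = key
    return pow(value, exponent, n)

def digest(identity, subject_pub, n):
    """Hash the identity together with the public key it is being bound to."""
    data = f"{identity}|{subject_pub[0]}|{subject_pub[1]}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def issue_certificate(ca_priv, identity, subject_pub):
    """CA side: encode the digest with the CA private key (the signature)."""
    sig = apply_key(ca_priv, digest(identity, subject_pub, ca_priv[1]))
    return {"identity": identity, "public_key": subject_pub, "signature": sig}

def verify_certificate(ca_pub, cert):
    """Relying party: decode the signature with the CA public key and compare."""
    expected = digest(cert["identity"], cert["public_key"], ca_pub[1])
    return apply_key(ca_pub, cert["signature"]) == expected

# Constructed sample keys built from Mersenne primes (real keys use random primes).
CA_PUB, CA_PRIV = keypair(2**521 - 1, 2**607 - 1)
SUBJ_PUB, SUBJ_PRIV = keypair(2**107 - 1, 2**127 - 1)

def demo():
    msg = int.from_bytes(b"hello", "big")
    # Encoded with the public key, decoded with the associated private key.
    confidential = apply_key(SUBJ_PRIV, apply_key(SUBJ_PUB, msg)) == msg
    # Encoded with the private key, decoded with the associated public key.
    signed = apply_key(SUBJ_PUB, apply_key(SUBJ_PRIV, msg)) == msg
    # A public key from a different pair does not decode the message.
    wrong_pair = apply_key(CA_PUB, apply_key(SUBJ_PRIV, msg)) == msg
    cert = issue_certificate(CA_PRIV, "Example Org", SUBJ_PUB)
    forged = dict(cert, identity="Other Org")  # identity changed after signing
    return (confidential, signed, wrong_pair,
            verify_certificate(CA_PUB, cert), verify_certificate(CA_PUB, forged))
```

Calling `demo()` shows both encode/decode directions succeeding with the matching key, failing with a key from another pair, and the certificate check rejecting a certificate whose identity was altered after the CA signed it.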