4

Let me explain what I mean. I've read Why is faking SSL certificate difficult, and my question is sort of a step beyond that. If some random person creates a certificate, what's stopping them from creating the certificate such that it claims it's certified by trusted certificate authority? What is the actual process of creating a certificate? I'm guessing it's more complicated than calling a function and passing it the arguments of "website", "owner", "verified by". Does a webbrowser do some hashing somewhere that can verify the certificate is authentic?

Celeritas
  • 10,089
  • 22
  • 79
  • 144

1 Answers1

4

Certificates use a digital signature algorithm, based on asymetric cryptography. So it involves a key pair (public/private).

The global idea is that the certificate has to be signed by someone (usualy a CA). Signing is a cryptographic operation that can be done if you know the private key. Verifying the signature can be done if you know the public key corresponding to the private one.

So when you get a certificat, there is a digital signature with it, and you're supposed to know already the public key of the CA (Global sign in your example).

The verifying process guarantees that the signing has been done by someone how know the private key corresponding to the public key you know.

A CA is not supposed to let anyone knows its private key.

So no one can fake a CA signature, unless he managed to get the private key.

To be more precise, signing is :

  • hash the certificate

  • encrypt the hash with the private key

Verifying is then

  • decrypt the signature

  • hash the certificate

  • compare the results

If results aren't the same it means either the signature is a fake (made without the private key) or the certificate information was modified after signing. The same results means the certificate is valid.

Romain Clair
  • 550
  • 2
  • 10
  • So why can't someone take the signature **after** it was encrypted with the private key? – Maroun Apr 26 '17 at 13:44
  • 1
    The signature is not stand-alone. It is made using the private key and the hash of a certificate. If the certificate is any different, even a single bit, the signature will be different totally different. A signature without the certificate it is linked to is useless – Romain Clair May 13 '17 at 07:44
  • good point. But whatever prevents me from getting the signature after all the above procedure? I mean just after it was sent. – Maroun May 14 '17 at 20:04
  • The signature is not secret. In fact it's made to be public. The idea of the signature is to be attached to the certificate and be given to any one wanting to communicate with the certified entity. – Romain Clair May 16 '17 at 09:11