0

Please, correct my understanding about certificates.

Bob's public certificate consists of:

Bobs ID 
Bobs public key 
Hash of information above 
Hash, encrypted with CA private key.

Recipient uses certificate in order to know Bob's public key that will be used to encrypt messages to Bob.

Recipient decrypts certificate hash by using CA public key and compares with with hash defined in certificate. This allows recipient to know certificate is real.

Certificate is used in asymmetric encryption case.

vico
  • 269
  • 2
  • 6
  • 2
    Hi and welcome to [security.se]. I'm sorry to have to vote for closing this question, but this is really basic in term of how certificates works. Please refer to resources about certificate authority here and Wikipedia for this, they are already good sources of information – M'vy Oct 16 '17 at 08:11
  • *... that will be used to encrypt messages to Bob.* - the public key will not be used for encrypting messages. It might be used to encrypt parts relevant for the key in key exchange though, but only in RSA key exchange. – Steffen Ullrich Oct 16 '17 at 08:12
  • Steffen, so public key is used to encrypt only message with symmetric key. Whole information will be encrypted with symmetric method. We don't use asymmetric encryption for data transfer since it is too slow. I'm right? – vico Oct 16 '17 at 08:31
  • @M'vy asking basic question is perfectly fine as long as they are well-formated and in scope. – Stephane Oct 16 '17 at 08:34
  • Of course, the point was that we already have answered this multiple times. – M'vy Oct 16 '17 at 08:41
  • Does certificate always means SSL certificate? – vico Oct 16 '17 at 08:47
  • vico - in this context yes – ISMSDEV Oct 16 '17 at 09:03
  • @vico: *"so public key is used to encrypt only message with symmetric key"* - only with the (not recommended) RSA key exchange, not for DH. I recommend that you study [How does SSL/TLS work?](https://security.stackexchange.com/questions/20803/) since your questions are already addressed in the answers there. – Steffen Ullrich Oct 16 '17 at 09:08

0 Answers0