Cryptography and Encryption Basics - III

-

 Digital Certificate:


To understand digital certificates, let's delve into a scenario:

Bob wants to securely send a digitally signed message to Alice. Firstly, Bob generates a key pair consisting of a public key and a private key. He retains his private key securely and disseminates his public key in a publicly accessible location. 


Using his private key, Bob signs the message and sends it along with the digital signature to Alice. Upon receiving Bob's digitally signed message, Alice retrieves Bob's public key from the public repository. She then employs this public key to verify the authenticity of Bob's digital signature. If the verification is successful, Alice has reasonable assurance that the message originated from Bob and remained unaltered during transmission.

However, a vulnerability arises when Bob places his public key in a public location. Imagine a scenario where a hacker intercepts Bob's digitally signed message. The hacker could discard Bob's message and fabricate a new package. By creating a new key pair and placing the public key in the same location as Bob's, the hacker could send a message purportedly from Bob. Subsequently, the hacker directs Alice to retrieve the public key from the public repository to verify the signature.

Alice, unaware of the true identity of the sender, verifies the hacker's message using the public key from the repository, assuming it belongs to Bob. This flaw highlights the absence of sender authentication in digital signatures alone.

The solution to this issue lies in digital certificates.


Digital certificates are electronic credentials issued by a trusted third party, known as a Certificate Authority (CA). They serve to not only verify the identity of the certificate owner but also confirm the ownership of the associated public key.

In the above scenario, instead of relying solely on Bob's public key placed in a public repository, Bob attaches a digital certificate to his message for Alice. This certificate contains crucial information such as version, serial number, signature algorithm identifier, validity period, issuer unique ID, Public key etc.

Alice, trusting the CA and the digital certificate, verifies the information contained within it. By doing so, she can safely assume that the public key contained in the digital certificate indeed belongs to Bob and not an imposter.

This mechanism mitigates middleman attacks and reinforces the authenticity of digital signatures. However, it's important to note that digital certificates operate on the principle of trust, relying on reputable Certificate Authorities for issuance.

By employing digital certificates, the integrity and authenticity of digital communications are strengthened, ensuring secure exchanges in the digital realm.


Comments

Post a Comment

Popular posts from this blog

Overview of ISO/SAE 21434 Standard

-
Image
ISO/SAE 21434, jointly published by the International Standardization Organization (ISO) and the Society of Automotive Engineers (SAE), serves as a comprehensive cybersecurity framework for electronic systems within road vehicles. Developed to bolster cybersecurity across the entire lifecycle of automotive products, this standard outlines essential vocabulary, objectives, requirements, and guidelines. Purpose and Scope: The primary objective of ISO/SAE 21434 is to enhance cybersecurity measures for vehicles throughout their lifecycle. By providing a standardized framework, this standard facilitates the establishment of cybersecurity policies, risk management practices, and a cybersecurity-oriented culture within organizations operating in the automotive industry. Three Pillars: ISO/SAE 21434 is structured around three main pillars: Cyber Security Governance:   Establishing policies, processes, and cultural norms to govern cybersecurity activities within organizations. Risk Man...
Read more

Cryptography and Encryption Basics - I

-
Image
Cryptography and Encryption Basics I What is encryption Encryption is the process of encoding a message or information in such a way that only authorized parties can access it and those who are not authorized can't.  Converts information from plain text into encrypted ciphertext. But how...? Encryption used algorithm! An algorithm is a procedure that the encryption process follows. The specific algorithm is called the ciper or code. there are many types so encryption algorithms. The encryption's goal and level of security determine the most effective solution. Triple DES, RSA and Blowfish are some examples of encryption algorithms or Ciphers. What is Decryption? Decryption is the process of taking encoded or encrypted text or other data and converting it back into text that you or the computer can read and understand.  converts information from encrypted ciphertext into plain text  Basic Example  Private key vs Public Key Private Key (symmetric key): This means that ...
Read more

ECU LIST

-
Image
 1. BCM (Body Control Module)    - Function: The BCM is responsible for controlling various electronic systems within the vehicle's body. This includes functions like interior lighting, power windows, door locks, windshield wipers, and other comfort and convenience features.    - Importance: It acts as a central hub for various sensors and inputs, ensuring that the vehicle’s body-related electronics operate smoothly.  2. Gateway ECU    - Function: The Gateway ECU acts as a communication hub between different networked ECUs in the vehicle. It ensures that data is correctly routed between systems like powertrain, infotainment, and body control.    - Importance: Vital for ensuring seamless communication between various subsystems in modern vehicles.  3. ETM (Electric Traction Motor)    - Function: Manages the electric traction motor, which provides propulsion in electric or hybrid vehicles. It controls the motor's speed, torq...
Read more