Public-Key Certificate is issued or signed by a trusted public-key or Certificate Authority (CA) which binds identity to public key. It allows #public key exchange without real-time access to Public-Key Authority. The certificate can be verified by anyone who knows the public-key authority’s public key.
Public-Key Certificate
-
X.509 Authentication Service
X.509 Authentication Service defines a directory service and a framework that provides Authentication# services to its users. The directory is a server or in distributed architecture, a set of servers that maintains a database that stores user information. It can also serve as a repository of Public-Key Certificates# which contain the public-key of a user and signed with the private key of a trusted CA (Certification Authority).
-
Secure/Multipurpose Internet Mail Extensions (S/MIME)
Registration request which is used to apply Public-Key Certificate# from CA
S/MIME is an extension to the existing MIME# email infrastructure focus on security enhancements in Application Layer# which is supported in many mail agents such as MS Outlook, Mozilla, Mac Mail etc. It is similar to Pretty Good Privacy (PGP) which offers ability to sign and/or encrypt messages. The public keys are distributed in the form of Public-Key Certificate# which both parties have to obtain the cert.
-
Secure Electronic Transaction (SET)
Using the SET technology, the credit card holder could order an item with payment from a merchant over the internet. This is with the assumption that both receives certificates from Certificate Authority (CA)# so that they could place trust on each other. The merchant is verified when the order is placed. The payment authorisation will be initiated by the merchant to the payment gateway once the order is confirmed. After providing the goods and services, and merchant requests payments from the gateway. Payment gateway will verify both the holder and the merchant by asking the validation from acquirer (checking with CA). If both parties are trusted and valid, the acquirer will get the payment from issuer and redirect it to the merchant.
-
Asymmetric Cryptography
It addresses two issues faced by Symmetric Cryptography: Key Distribution# and Digital Signature#. One doesn’t need to have a secure channel or a third party to distribute public keys as it will not sufficient to undermine the security of the encrypted message. Public keys could be distributed by either Public Announcement#, Publicly Available Directory#, Public-Key Authority#, or Public-Key Certificate#. We can verify whether the message is coming from the intended sender using the public key, thus able to authenticate the author. That being said, it is vulnerable to quantum computing.