Enter digital certificates — an authentication method that has an increasingly widespread role in today’s online world. Found in e-mails, mobile devices, machines, websites, advanced travel documents and more, digital certificates are the behind-the-scenes tool that helps keep identities and information safe.
What are digital certificates?
Developed during the eCommerce boom of the 1990s, digital certificates are electronic files that are used to identify people, devices and resources over networks such as the Internet.
Digital certificates also enable secure, confidential communication between two parties using encryption. When you travel to another country, your passport provides a way to establish your identity and grant you entry. Digital certificates provide similar identification in the electronic world.
Certificates are issued by a certification authority (CA). Much like the role of the passport office, the responsibility of the CA is to validate the certificate holder’s identity and to “sign” the certificate so that it is trusted by relying parties and cannot be tampered with or altered.
Once a CA has signed a certificate, the holders can present their certificate to people, websites and network resources to prove their identity and establish encrypted, confidential communication. A standard certificate typically includes a variety of information pertaining to its owner and to the CA that issued it, such as:
- The name of the holder and other identification information required to identify the holder, such as the URL of the Web server using the certificate, or an individual’s e-mail address
- The holder’s public key, which can be used to encrypt sensitive information for the certificate holder or to verify his or hers digital signature
- The name of the certification authority that issued the certificate
- A serial number
- The validity period (or lifetime) of the certificate (i.e., start and end date)
- The length and algorithm of any keys included.
Digital certificates are based on public-key cryptography, which uses a pair of keys for encryption and decryption. With public-key cryptography, keys work in pairs of matched “public” and “private” keys.
In cryptographic systems, the term key refers to a numerical value used by an algorithm to alter information, making that information secure and visible only to individuals who have the corresponding key to recover the information.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.