Intro to Cryptography WGU C839 Module 4 Already Passed

Intro to Cryptography WGU C839 Module 4 Already Passed These are usually the encryption of a message digest with the senders private key. In order to verify them, the recipient uses the senders public key. They are considered good if they provide the following. Authentication Integrity Non-repudiation Digital Signature It is a digital document that contains a public key and some information to allow your system to verify where they key came from. This is the most common way to distribute pubic keys in asymmetric cryptography. Digital Certificate uses asymmetric key pairs and combines software, encryption and services to provide a means of protecting the security of business communications and transactions. PKI (Public Key Infrastructure) They are in place by the RSA to ensure uniform certificate management throughout the internet PKCS (Public Key Cryptography Standards) A certificate is a digital representation of information that identifies you as a relevant entity by a? Trusted Third Party (TTP) This is an entity trusted by one or more users to manage certificates CA (Certificate Authority)Used to take the burden off of a CA by handling verification prior to certificates being issues. They act as a proxy between user and CA. They receive requests, authenticate them and forward them to the CA RA (Registration Authority) is a set of rules that defines how a certificate may be used. CP (Certificate Policy) An international standard for the format and information contained in a certificate. The most common type of digital certificate in the world. Relied on by S/MIME Contains your name, info about you and signature of the person who issued the certificate X.509 List of certificates issued by a CA that are no longer valid CRL (Certificate Revocation List) CRL Distribution Method: CA automatically sends the CRL out at regular intervals PUSH Model CRL Distribution Method: The CRL is downloaded from the CA by those who want to see verify a certificate. This is the end users responsibility Pull Method Is a Base64 encoded DER certificate, enclosed between "------ BEGIN CERTIFICATE ------" AND "------ END CERTIFICATE ------" .pem Usually in binary DER form, but Base64-encoded certificates are common too. .cer, .crt, .der PKCS#7 Signed Data structure without data just certificate(s) or CRL(s) .p7b, p7c PKCS#12, may contain certificate(s) pubic and private (password protected) keys. .p12Predecessor of PKCS#12 usually contains data in PKCS#12 format with files generated in IIS .pfx A newer protocol for verifying certificates in real-time Online Certificate Status Protocol (OSCP) Determining the path between X.509 digital certificates and a trusted root Delegated Path Discovery The validation of the path to the trusted root according to a particular validation policy Delegated Path Validation Setup and initialization Administration Cancelati