Cryptography is the science of converting information "in the clear" into coded information that cannot be understood, and then of restoring the original information from the coded form.
Symmetric cryptography and asymmetric cryptography
We speak of symmetric cryptography when several people use the same key to encrypt and decrypt messages. The main disadvantage of this system is the sharing of this single key among different people: how can the key that encrypts and decrypts be sent to everyone securely?
In asymmetric cryptography, each user has two keys:
A private key that must be kept secret.
A public key that is available to all other users.
These two keys are mathematically related. In practice, the public key is used to encrypt messages, and the private key is used to decrypt them. Once the message is encrypted, only the recipient is able to decrypt it. The PGP (Pretty Good Privacy) utility works this way.
The integrity of information
Good cryptography must offer a guarantee of the integrity of information. Indeed, it should not be possible to modify encrypted information without this being noticed. A process for checking the integrity of the message (encrypted and unencrypted) must be established. This process is performed by a hash function. The result of a hash function (the hash) is a kind of digest of the original message.
The authentication of correspondents
One aspect not to be overlooked when securing transactions is the authentication of correspondents: is the person to whom I send an encrypted message really who I think they are? Is the person who sends me an encrypted message really who I think they are? The principle of authentication involves a prover (who claims an identity) and a verifier (the service provider). The verifier submits a challenge to the prover, which the prover must meet. This implies that the prover and the verifier have agreed beforehand to share a secret.
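The prover/verifier exchange described above, as an added example that is not part of the original page. It assumes the response is an HMAC-SHA-256 of the challenge under the shared secret and that each challenge is accepted only once; the class and function names are hypothetical.

```python
import hashlib
import hmac
import secrets


class Verifier:
    """Service provider: issues a fresh challenge and checks the response."""

    def __init__(self, shared_secret: bytes):
        self._secret = shared_secret
        self._pending = set()  # challenges issued and not yet answered

    def issue_challenge(self) -> bytes:
        challenge = secrets.token_bytes(32)  # random value, new for every attempt
        self._pending.add(challenge)
        return challenge

    def check(self, challenge: bytes, response: bytes) -> bool:
        # A challenge is accepted once only, so a recorded
        # (challenge, response) pair cannot be replayed later.
        if challenge not in self._pending:
            return False
        self._pending.discard(challenge)
        expected = hmac.new(self._secret, challenge, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)  # constant-time compare


class Prover:
    """Claims an identity and proves knowledge of the secret without sending it."""

    def __init__(self, shared_secret: bytes):
        self._secret = shared_secret

    def respond(self, challenge: bytes) -> bytes:
        return hmac.new(self._secret, challenge, hashlib.sha256).digest()


def run_exchange(verifier: Verifier, prover: Prover) -> bool:
    challenge = verifier.issue_challenge()  # verifier -> prover
    response = prover.respond(challenge)    # prover -> verifier
    return verifier.check(challenge, response)


if __name__ == "__main__":
    secret = secrets.token_bytes(32)  # constructed sample secret, agreed beforehand
    print(run_exchange(Verifier(secret), Prover(secret)))           # True
    print(run_exchange(Verifier(secret), Prover(b"wrong secret")))  # False
```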
The digital signature
This is a unique electronic code that allows you to sign a coded message. This signature identifies the origin of the message: it has the same function as a signature "by hand". The private key is used to sign, and the public key to verify the signature.
The digital certificate
This is an electronic document that binds a key to an entity (individual, company, computer, etc.). This binding is validated by a certification authority (Certificate Authority: CA). These certificates are used to identify an entity. The certificate format is standardized (X.509v3 standard). Specifically, the user data (identity of the key's owner, public key and key usage) are signed by the CA, together with certain specific data (validity period, the encryption algorithm used, serial number, etc.).
The registration authority
It is an organization that generates certification requests for a user. The registration of this user is validated after verification of the information about that user. The request is then sent to the CA.
The certification authority
It is an organization that generates certificates for different users. It is essential for establishing a secure system (e-commerce, etc.).
PKI stands for "Public Key Infrastructure". It is a set of tools (software and hardware) that manage cryptographic keys and certificates. The PKI secures transactions and information exchange between two parties by ensuring confidentiality, integrity and authentication.
Association of the public key and the entity (certificate).
SPKI stands for "Simple Public Key Infrastructure". This infrastructure allows a more direct use of authorization. Indeed, in the PKI, authorization takes place as follows:
The key is obtained via an identification certificate in X.509 format.
From this identity, authorization is granted or not.
Under SPKI, authorization is granted or not directly from the key itself.