2-4 Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.0) GUI
Advanced
Certificates
CertificatesPublic-key cryptography uses a pair of keys:
Public Key, which encrypts data (known to the world)
A corresponding private key for decryption (secret)
Anyone with access to your public key can encrypt information, but only the person who has the
corresponding private key can decrypt the information.
Digital Certificates
When working with public-key cryptography, the user must be careful and verify that the correct public
key is used. Man-in-the-middle attacks pose a potential threat, where an ill-intending 3rd party posts a
phony key with the name and user ID on an intended recipient. Data transfer that is intercepted by the
owner of the counterfeit key can fall in the wrong hands.
Digital certificates provide a means for establishing whether a public key truly belongs to the supposed
owner. It is a digital form of credentials. It has information on it that identifies you, and an authorized
statement to the effect that someone else has confirmed your identity.
Digital certificates are used to foil attempts by an ill-intending party to use an unauthorized public key.
A digital certificate consists of the following:
A Public Key
Certificate Information - the “identity” of the user (name, user ID, etc.).
Digital Signatures - A statement stating that the information enclosed in the certificate has been
vouched for by a Certificate Authority (CA).
Binding this information together, a certificate is a public key with identification forms attached,
coupled with a stamp of approval by a trusted party.