How Digital Certificates (SSL) Work

Written by: Dave O'Brien; published: October 2006

In physical transactions, the challenges of identification, authentication, and privacy are solved with physical marks, such as seals or signatures. In electronic transactions, the equivalent of a seal must be coded into the information itself. By checking that the electronic “seal” is present and has not been broken, the recipient can confirm the identity of the message sender and ensure that the message content was not altered in transit. To create an electronic equivalent of physical security, some vendors use advanced cryptography.

Throughout history, most private messages have been kept secret with single key cryptography, in which one unique code (or key) is used for both encrypting and decrypting messages. Single key cryptography works as follows:

Suppose Bob has one secret key. If Alice wants to send Bob a secret message:

  1. Bob sends Alice a copy of his secret key.

  2. Alice encrypts a message with Bob’s secret key.

  3. Bob decrypts the message with his secret key.

Unfortunately, this method has several problems. First, Bob must find a secure method of getting his secret key to Alice. If the secret key is intercepted, all of Bob’s communications are compromised. Second, Bob needs to trust Alice. If Alice is a double agent, she may give Bob’s secret key to his enemies. Or, she may read Bob’s other private messages or even imitate Bob. Finally, if you have an organization with people who need to exchange secret messages, you will either need to have thousands (if not millions) of secret keys, or you will need to rely on a smaller number of keys, which opens the door to compromise.

SSL certificate technology employs the more advanced public key cryptography, which does not involve the sharing of secret keys. Rather than using the same key to both encrypt and decrypt data, an SSL certificate uses a matched pair of keys that uniquely complement each other. When a message is encrypted by one key, only the other key can decrypt it.

When a key pair is generated for your business, your “private key” is installed on your server; nobody else has access to it. Your matching “public key,” in contrast, is freely distributed as part of your SSL certificate. You can share it with anyone, and even publish it in directories. Customers or correspondents who want to communicate with you privately can use the public key in your SSL certificate to encrypt information before sending it to you. Only you can decrypt the information, because only you have your private key.

Your SSL certificate contains your name and identifying information, your public key, and the digital signature of the issuing certificate authority (CA) as certification. It tells customers and correspondents that your public key belongs to you.
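
The key-pair and certificate paragraphs above, as an added example that is not part of the original article: a toy in Python using textbook RSA (no padding, fixed demonstration primes) in which a CA signs a name and public key, a client checks that signature, and then encrypts to the certified key. The function names, the JSON field layout and the sample values `shop.example` and `order #1042` are assumptions made for illustration; real certificates use X.509 and padded signature schemes.

```python
import hashlib
import json
E = 65537  # widely used RSA public exponent

def make_keypair(p, q):
    """Textbook RSA key pair from two primes: returns (public, private)."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent (Python 3.8+)
    return (n, E), (n, d)

def encrypt(message, public):
    """Anyone holding the public key can encrypt."""
    n, e = public
    m = int.from_bytes(message, "big")
    if m >= n:
        raise ValueError("message too long for this toy modulus")
    return pow(m, e, n)

def decrypt(ciphertext, private):
    """Only the matching private key recovers the message."""
    n, d = private
    m = pow(ciphertext, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

def digest(fields):
    """SHA-256 of the canonically encoded certificate fields, as an integer."""
    data = json.dumps(fields, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def issue_certificate(name, subject_public, ca_private):
    """The CA signs the name and public key with its own private key."""
    n, d = ca_private
    fields = {"name": name, "public_key": list(subject_public)}
    return {"fields": fields, "ca_signature": pow(digest(fields), d, n)}

def verify_certificate(cert, ca_public):
    """Check the CA signature using only the CA's public key."""
    n, e = ca_public
    return pow(cert["ca_signature"], e, n) == digest(cert["fields"])

# Constructed demo keys from known Mersenne primes; far too weak and structured for real use.
CA_PUBLIC, CA_PRIVATE = make_keypair(2**521 - 1, 2**607 - 1)
SERVER_PUBLIC, SERVER_PRIVATE = make_keypair(2**127 - 1, 2**89 - 1)

if __name__ == "__main__":
    cert = issue_certificate("shop.example", SERVER_PUBLIC, CA_PRIVATE)
    forged = {**cert, "fields": {**cert["fields"], "name": "evil.example"}}
    print("genuine:", verify_certificate(cert, CA_PUBLIC), "altered:", verify_certificate(forged, CA_PUBLIC))
    secret = encrypt(b"order #1042", tuple(cert["fields"]["public_key"]))
    print("server decrypts:", decrypt(secret, SERVER_PRIVATE))
```

Changing either the name or the public key after issuance makes verification fail, which is the "unbroken seal" property the article describes.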
