Use this information to learn what cryptography is
and how digital certificates use cryptographic functions to provide security.
Cryptography is the science of keeping data secure. Cryptography allows
you to store information or to communicate with other parties while preventing
uninvolved parties from understanding the stored information or
the communication. Encryption transforms understandable text into an unintelligible
piece of data (ciphertext). Decryption restores the understandable text from
the unintelligible data. Both processes involve a mathematical formula or
algorithm and a secret sequence of data (the key).
There are two types of cryptography:
- In shared or secret key (symmetric) cryptography,
one key is a shared secret between two communicating parties. Encryption and
decryption both use the same key.
- In public key (asymmetric) cryptography, encryption
and decryption each use different keys. A party has a pair of keys consisting
of a public key and a private key. The public key is freely distributed, typically
within a digital certificate, while the private key is securely held by the
owner. The two keys are mathematically related, but it is virtually impossible
to derive the private key from the public key. An object, such as a message,
that is encrypted with someone's public key can be decrypted only with the
associated private key. Alternatively, a server or user can use a private key
to "sign" an object and the receiver can use the corresponding public key
to decrypt the digital signature to verify the object's source and integrity.