Digital Signatures
What are the two essential properties of a hash function?
A hash function is non-revertible and produces a unique hash for each unique string of data.
What does a hash function do?
A hash function takes an arbitrary string of data and produces a string of known length
What icon appears when a domain uses a self-signed certificate?
A padlock (not green)
What is stored on the chip of an Estonian ID card?
A private encryption key
What are the three steps CA's use to issue certificates?
A public key is signed by the CA, the CA uses official documents to verify identity, and the CA issues a certificate
What is a certificate which is not signed by a CA called?
A self-signed certificate
What information is contained in a certificate issued by a CA?
A serial number, the owner's name, public key(s), validity period, name of the CA, other information
What are the two basic steps of applying a digital signature?
Applying a hash function to the document and encrypting the hash with a private key.
What is the purpose of limiting the period of validity for a certificate?
CA's make more money because people have to continually certify their keys.
In a very general summary, how do Certification Authorities work?
Everyone sends their generated keys to the CA, and the CA certifies the keys.
What percentages of fraudulent websites have the green padlock icon?
Over 40 percent
What are the factors of authentication used in Estonian digital signatures?
Ownership (must own the card), and Knowledge (must know the PIN code).
What are the three purposes of a digital signature?
Proving the integrity of the document, proving authorship of the document, and eliminating the possibility of denying authorship of the document.
Why must there be a way to communicate with a CA?
So that compromised keys/certificates can be revoked
What does a domain receive when its public key is issued a certificate by a CA?
The green padlock icon
How are public keys for CA's widely distributed?
The keys are often integrated into operating systems
How are root certificates signed?
They are self-signed
What are root certificates?
Trusted root CA's
What is the main issue with the basic digital signature process?
You can tell that a document has been signed, but you cannot verify the identity of the person who signed it.
How many factors of authentication does an Estonian digital signature use?
2
How are root certificates used?
Certificates are generally certified in a chain of CA's leading back to the root certificates
What are the three steps to signing a document with an Estonian ID card?
The document is hashed, the hash is transferred to the card, and the card's processor "signs" the hash with an encryption key.
What is the most important thing to remember about Certification Authorities?
We trust them completely