From what I've read I've come to understand that a server will
digitally sign a certificate by first creating a hash, then encrypting
the hash using its private key. The server will then send the
digitally signed certificate to the client, who decrypts it using the
public key and compares it with the hash value it calculates for the
certificate.
What prevents an attacker from decoding the certificate, substituting
his own information, re-calculating the hash, re-encrypting it using
his own private key and sending it to the client along with a new
public key?
Re: How to exchange certificate ? ...certificate store (I own ONLY a public key).... >contained in a certificate store AND having an associated private key.... you can test any cert for an associated private key using: ... (microsoft.public.platformsdk.security)
Re: Client Certificates ... |> I am generating client certificates using win2k3 Certificate Services. ... | generate the request creates a public-private key pair on the fly. ... | Anything encrypted with the private key in the pair can only be ... | decrypted by the public key in the pair, ... (microsoft.public.windows.server.security)
Re: SSL Certificate - Self-Generated vs 3rd Party ? ... you mention a public key.... The term "certificate" is used to mean many things by many people. ... You use your private key to sign the certificate, ... SSL does _not_ start off with a shared secret.... (comp.security.misc)
Re: Need some information about certificates ... receiver uses your public key to verify the signature but for encryption you ... use an entities public key to encrypt the data and then the recipient uses ... their private key to decrypt the data. ...certificate installed on the server running my application. ... (microsoft.public.windows.server.security)
Re: encryption keys ...Encryption keys are used to protect data whether it be a password or file. ... A certificate authority generates the key pair [such as ... determine the private decryption key by possessing the matching public key.... pair is also used for digitally signing which means that a user uses his private key... (microsoft.public.security)
