Symmetric Key Algorithms

You already learned about symmetric key ciphers and the major issue with symmetric keys. Read the section in this article on symmetric key encryptions to learn more about the advantages and disadvantages of symmetric keys. There is more information about symmetric key ciphers in this article that will be covered in more detail later in this unit, but this article will give you a preview of 3DES, IDEA, and AES ciphers. View the flashcard tool as well to better understand and to learn the terms used in cryptography such as plaintext, ciphertext, key, encryption, decryption, countermeasure, symmetric key encryption, and block cipher.

17. Validating a Certificate

Validating a certificate is a task that falls on the end user. The end user is the one trying to figure out if the certificate presented is valid. Usually, this is done by the user's software.

The process for validating a certificate includes the following steps.

  1. Compare the CA that signed the certificate to the CA in the receiver's computer

  2. Calculate a message digest for the certificate

  3. Use the CA public key to decrypt the signature and recover message

  4. Review validity dates

  5. Review identification information

  6. Compare encrypted and decrypted message to prove integrity

  7. Check revocation list for certificates

There are two techniques for checking whether a certificate has been revoked. The first is the certificate revocation lists (CRL) which are issued periodically by a CA that contains a list of certificate serial numbers that are invalid. The second method is an online check called Online Certificate Status Protocol (OCSP).OCSP is a protocol that browser software uses to query a CA dynamically for the revocation status of a certificate.