Digital Signatures and Digital Certificates
- Published 2 Jan 2025
- This video explains the purpose of digital signatures and how they work. It begins by reviewing encryption and decryption using an asymmetric pair of keys, and then explains the significance of this when it comes to digital signatures, namely that it doesn’t matter which of the key pair is made public and which is kept private. The video then illustrates the digital signing process: specifically, the creation of a hash value for the document (also known as a digest) using a hash algorithm such as SHA256 (which was created by the National Security Agency). It shows how the document digest is then encrypted using the sender’s private key before being attached to the document. When the document is received, the recipient decrypts the digest using the sender’s public key. The recipient also recalculates the hash. If the hash values match, the recipient can be confident that the document has not been tampered with in transit. The role of a certification authority is also covered. A certification authority issues its customer with a special file called a digital certificate, which binds their public key to identifying information. This video also mentions the importance of digital signatures when it comes to cryptocurrencies. A cryptocurrency such as Bitcoin requires a secure mechanism for updating its decentralised ledger.
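The signing, verification and certificate checks described above, written out as an added example (it is not code from the video or from this page). It assumes textbook RSA without padding over fixed Mersenne primes, so that "encrypting the digest with the private key" is visible as a single operation; the function names are hypothetical, and production systems use a padded scheme such as RSA-PSS from a vetted library.

```python
import hashlib

E = 65537  # public exponent

def make_key(p, q):
    """Toy RSA key pair from two given primes (constructed, not random)."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent (Python 3.8+)
    return {"n": n, "e": E}, {"n": n, "d": d}

def digest_int(message: bytes) -> int:
    # SHA-256 always yields 256 bits, however long the message is.
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message: bytes, private) -> int:
    # "Encrypt the digest with the private key" in the video's wording.
    return pow(digest_int(message), private["d"], private["n"])

def verify(message: bytes, signature: int, public) -> bool:
    # Recover the signed digest with the public key, recompute, compare.
    return pow(signature, public["e"], public["n"]) == digest_int(message)

def cert_body(subject: str, public) -> bytes:
    return f"{subject}|{public['n']}|{public['e']}".encode()

def issue_certificate(subject, public, ca_private):
    # The CA signs the binding of identity to public key.
    return {"subject": subject, "public": public,
            "ca_sig": sign(cert_body(subject, public), ca_private)}

def verify_signed_document(message, signature, cert, ca_public) -> bool:
    # Trust the key only if the CA's signature over the certificate holds.
    if not verify(cert_body(cert["subject"], cert["public"]), cert["ca_sig"], ca_public):
        return False
    return verify(message, signature, cert["public"])

def demo():
    # Mersenne primes keep the sample short; never use such primes for real keys.
    ca_pub, ca_priv = make_key(2**1279 - 1, 2**2203 - 1)
    jack_pub, jack_priv = make_key(2**521 - 1, 2**607 - 1)
    bob_pub, bob_priv = make_key(2**607 - 1, 2**1279 - 1)
    doc = b"Constructed sample document from Jack to Jill"
    sig = sign(doc, jack_priv)
    cert = issue_certificate("Jack", jack_pub, ca_priv)
    # Impostor reuses Jack's certificate but swaps in his own public key.
    swapped = dict(cert, public=bob_pub)
    return {
        "genuine": verify_signed_document(doc, sig, cert, ca_pub),
        "tampered": verify_signed_document(doc + b"!", sig, cert, ca_pub),
        "swapped_key": verify_signed_document(doc, sign(doc, bob_priv), swapped, ca_pub),
    }

if __name__ == "__main__":
    print(demo())
```

Because only the 256-bit digest is signed, the signature never exceeds the size of the modulus, whatever the length of the document.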
This is by far the most simple explanation of the presented concepts - in a way that everyone understands it and from then can move on to the more complicated parts. Excellent.
this is the only video you need to watch if you want a practical understanding of digital signatures
Wow! This might be the best video on data integrity and data authentication
- digital signatures rely on asymmetric cryptography.
Such an explanation with downgraded complexity, but with an upgraded realization. Exceptionally wonderful.
Thank you :)KD
This is the single best illustration/explanation of this concept on the internet. Keep making these videos man, you've got talent.
Thank you :)KD
2 days on the internet trying to understand this subject, your 11 min video made it, thank you a lot!
Glad to be of service :)KD
Done thanks
0:15 explaining RSA
1:30 digital signatures: it doesn’t matter what key we encrypt with (public or private) the message can only be decrypted with the other key. A message can be digitally signed by encrypting it with the private key and then others can verify the signature by decrypting with public key.
3:58 digital signature example
5:40 sender hashes the message, encrypts the hash with their private key. Receiver decrypts the hash with the sender’s public key, and if it matches the message then receiver knows message came from sender
7:00 why we need digital certificates on top of digital signatures. Someone could be pretending to be the sender, and digitally signs the message. The receiver has no way of verifying the sender’s identity.
Digital certificates are how the receiver can verify that a public key actually belongs to the sender
8:00 how certificate authority works
Studying for CCNA Cyberops, the Cisco documentation on this is a complete mess. This video is pure gold, incredibly simple and clear. Thank you sir, keep up the great work. One more subscriber for your great channel :)
Exactly here for the same reason, good luck on your exam.
Perfect! At 6:19 I first thought you made a mistake but after finishing the whole video you carefully explain how a CA works. Brilliant. Thank you.
You are very welcome.
You deserve an Oscar for that kind of explanation .
Thank you. I'll start writing my speech. :)KD
Used this video to get my Sec+ a few years back now... Back to refresh myself on this for my SSCP. Awesome video. Thank you so much!
Thank you for simplifying the concept of digital keys and explaining the role of hashing in it. Your explanation has made it easy for anyone to understand these complex theories.
You are most welcome :)KD
You have talent to explain concepts...Thank you
You're very kind. Thanks for the comment. :)KD
This channel is underrated!
Thank you :)KD
I love the narration, the humour, the analogies and the simple and easily understandable format. Thank you!
You are most welcome :)KD
@@ComputerScienceLessons the explanation is phenomenal sir. I wish you could make more videos on cybersecurity topics esp security+. I'd gladly join your Patreon
This is the best explanation of digital certificates and digital signature I have come across. Thank you :)
Thank you :)KD
It's crystal clear the way you explain and demonstrate with animation.
Thank you :)KD
Amazing teaching. After viewing this video, finally I can understand the concept clearly.
Thanks for this amazing video, it helped me understand digital signature better
10 from 10! so easy to understand, A good lesson for other YouTubers talking about Digital Signature!
wow! that is very well made. direct, clear and no annoying repetitions
Thank you :)KD
you took 10 minutes to teach me whatever my teacher was trying to teach me in 3 hours, damn!!!
Glad to help :)KD
exceptionally clear and easy to understand
Thank you :)KD
fabulous explanation, simple and clear.
This is by far the best explanation i've ever seen of this. Thanks a lot :D.
Finally, you explain it crystal clear! Thank you very much!
You're most welcome. Thanks for commenting :)KD
I cannot thank you enough for this video.
You explained it without extra info
Thanks a lot 👍👍👍
You're welcome. Thanks for the lovely comment. :)KD
Best video about digital certificates ever.
Thank you so much :)KD
Finally, thank you so much I've been trying to understand this for a while now.
You're most welcome. :)KD
Thanks for this breakdown, it gave me a better understanding of the entire concept.
You are most welcome :)KD
Very good and clear explanation.
This is best and simplest explanation. Thanks
Best explanation ever ❤ thanks bro
Thank you so much :)KD
finally, someone who puts it clearly and totally
Thanks for the comment. Really appreciated. :)KD
Love this video. 100 out of 10 ( ten, yes ), you deciphered it properly.
Thank you so much :)KD
Thanks so much for this video, fought hours to understand this
What a brilliant work !
Best explanation ever. Thank you Sir.
Excellent!! Explained in such a simple way. Thanks!
Thank you too :)KD
This video is really nice! However there is one part I can't wrap my head around. From my understanding:
1: Person A types a message
2: Person A generates a hash of the message using sha
3: Person A encrypts the generated hash using their private key
4: Person A appends the encrypted hash to the message as a signature, and sends it to person B
5: Person B receives the message along with the signature
6: Person B decrypts the signature (encrypted hash) using person A's public key
7: Person B runs sha on the message to generate a hash.
8: Person B compares the resulting hash from the message to the hash from decrypting the signature
9: If they are the same, it's been verified successfully.
So, what's the point of the sha layer exactly? Why not simply add the message encrypted with person A's private key as a signature? In both cases only person A's public key would be able to decrypt it so I can't see how running it through sha would make a difference.
Nice question. One of the key features of a hash algorithm is that it produces a hash value of a fixed size. SHA256 for example will produce a hash value that is always 256 bits long, no matter how big the original message. This ensures that the digital signature is a manageable size, regardless of the document being signed. You might like my series on cryptocurrency which also explains the benefits of hashing.
ua-cam.com/play/PLTd6ceoshprd7UngbhRHMgKXcWz4PIBEe.html
:)KD
This is so lucid. Beautifully explained
Thank you :)KD
Great job 👍 amazing explanation 👏 thank you so much .
You're very welcome. 😳 :)KD
@6:12 How does Jill know that she cannot decrypt Jack's signature with his Public Key? Does the attempted decryption show a 'fail' message or code?
This functionality is built into software such as a web browser. Jill will get a message like 'could not logon' or 'transaction failed' depending on what she is trying to do. :)KD
@@ComputerScienceLessons Thanks, this video was helpful!
Best explanation I have seen!😁
Thank you :)KD
I think I attained Nirvana after watching this!
Thank you!!
It's been a while since I've done that for anyone. You are very welcome :)KD
Finally I got this concept!!! Thanks!!
Delighted to help - it's actually a brilliantly simple idea isn't it!? :)KD
Really great video! Explained the things clearly.
Delighted to help :)KD
i just saw this one video, but this is enough reason to subscribe. whatever you post I'm gonna watch it. damn
Welcome aboard :)KD
Amazing explanation TQ
You're most welcome :)KD
Thank you very much for clearing the concept
You are most welcome :)KD
6:44 What is the use of encrypting the hash value here using Bob's private key and sending it, as it can be decrypted by Bob's public key, which is available to everyone?
You can directly send the hash value, or use Jill's public key to encrypt and send, right?
1:36 Isn't the public key derived from the private key? If someone has a private key can't they generate the public key themselves?
Hi Tom. The public and private keys are created together. They are mathematically related, very large, numbers. They are useless without each other and cannot be created independently of each other (without an impractical amount of computation - or a quantum computer). This video should clear up the relationship between the keys... :)KD
ua-cam.com/video/cKWA8f7xdL8/v-deo.html
In asymmetric cryptography, there are two keys: a public key and a private key. Each key has a specific role:
Encryption:
Typically, the public key is used to encrypt data.
The corresponding private key is used to decrypt the data.
Decryption:
Only the private key can decrypt the data encrypted with the public key.
However, the roles can be reversed in a different context, such as digital signatures:
Signing:
The private key is used to create a digital signature.
The public key is used to verify the signature.
Very impressive explanation
Awesome explanation. Best video found on this topic
Thank you.
simple explanation. all i can say is wow!!!!
Thank you :)KD
Wonderful video!! Thanks a lot for great explanation
You're most welcome. Thanks for the lovely comment. :)KD
Nice way of explaining through graphics....
Thanks for the video. Keep up the good work 👍
The presentation is really clean.
Thank you :)KD
Great Explanation! Much appreciated
You're very welcome :)KD
Amazing explanation. Thanks
Very well explained
Thank you :)KD
Lovely work well done.
Thank you. Lovin' your name :)KD
Wts that's just genius 👏 how people come out with these stuff
fantastic channel i love it
Thank you. That's music to my ears :)KD
Good freaking job mate, thanks.
TY :)KD
great explanation
Thank you. You might like my crypto videos :)KD
Does Jill contact the certificate authority to make sure the public key on the certificate (that is sent to her by Jack) is the same as the one in the certificate authority's database? If not, surely the digital certificate could just be ‘forged’
the certificate is signed by the CA. if the signature isn't valid it's forged
Such a clear explanation - thank you !
great content. I wonder if it calculates a different hash for different data, so the digital signature is changed every time on certificates or not?
Excellent lesson!
Thank you :)KD
never having worked with this stuff I really don't understand. Jack presents his public key along with the digest and puts it in a digital certificate. Jill trusts this because she trusts the 3rd party that "vouched" for Jack. I get that in a very generic sense. but what exactly does Jill see when she compares the certificate to whatever she sees when she queries the certification authority?
Hopefully, nothing. The process is carried out by the web browser in the background. If there's a problem she may see a message saying the website's certificate is invalid. (double click the little padlock in your browser's address bar). :)KD
Thank you for that. The certification authority is the bit missing from most other explanations!
You are very welcome. :)KD
Good Explanation
Thank you :)KD
If the public key has the algorithm to encrypt a message if someone has the same public key can't he reverse engineer it and decrypt it?
Thank you so much!!!! This was SOO helpful.
You are very welcome :)KD
Amazing explanation :-)
Thank you :)KD
outstanding video
Best video on the topic
Thank you :)KD
excellent explanation!!!
Thanks for saying so. :)KD
Good content 🙂
Thank you :)KD
That was all I ever needed thank you so much for explaining with that great tone!
You made my day :)
Thanks for the compliment :)KD
For the past few months I'm looking for something on cryptography and I found this finally thanks
This is really a great explanation, Question: If we talk about a real scenario, a client browser wants to access some webpage and sends a request, what would be the actual message first time from client and what will be the revert from the server?
In the example, The message is the actual document but what would be in the actual scenario? is it certificate itself from the web server?, that's what I can guess.
I'm still unclear on how asymmetric encryption works. It makes sense when you use the public to encrypt and the private key to decrypt. But if A sent a message to B and used the private key to encrypt it and B will use the public key to decrypt it, what would stop C from intercepting the message and using the public key to decrypt it? Or is it a situation where you *can* use the private key to encrypt and the public key to decrypt, but you wouldn't because then anyone with the public key could decrypt it?
You are correct. The public key is used to encrypt the message and the private key to decrypt it. It's like me sending you a box with an open padlock, but keeping the key to myself. You could lock something inside the box and send it back to me (locked). Only I have the key. Have you watched this one yet? ua-cam.com/video/mjWTU-hRmyg/v-deo.html :)KD
@@ComputerScienceLessons then why does Jill use private key to encrypt?
@@ComputerScienceLessons but you are saying completely different thing in the video mate.
so we use the same private key to encrypt data as well as to sign or better use different pairs?
Is the Digital Certificate embedded in the document that is being sent or attached to the email message with the document? What prevents a bad guy from obtaining a copy of someone else's digital certificate and using it to pass himself off as the rightful owner of the digital certificate?
How does the receiver know that she has to use SHA 256? Are these agreed before?
Encrypted communications are typically managed automatically by the software being used by the people communicating. The cryptosystem being used is built into the software. For example, when we buy things online, our web browser and the seller's web server take care of everything for us. :)KD
sorry to bother you after 2-3 years mate but in the video it's explicitly mentioned multiple times throughout, that the senders and receivers "really do not care if anyone sees the message" because the public key is...well..public [and that they just want to verify each other's identities]
what happens if we do care about people snooping then? if A encrypts a secret message with their private key then sends it to B, how can they be sure that no C or D intercepts them and reads A's message instead.
(or is secure data transmission a completely different topic and not related to key encryption whatsoever?)
or is just the fact that we simply never use our/the sender's private keys to encrypt outgoing messages and that we instead use the receiver's public key instead? ,so in our case A uses B's public key to encrypt his secret message so that B and only B can read it with their private key? (actually I think this is it and I regret asking the stupid stuff above but it'd be nice if someone could verify this info)
This is a tricky concept to get your head around if you are new to it. You seem to have got it... If I wanted to send YOU an encrypted message, then you would create the public and private keys, and send me your public key. When I receive your public key, I would use it to encrypt my message, and I would send you the ciphertext. Only YOU possess the matching private key, so only YOU can decrypt the message. This all happens automatically when we use a web browser to connect to a secure website.
You may find this interesting...
ua-cam.com/video/mjWTU-hRmyg/v-deo.html
and this...
ua-cam.com/video/cKWA8f7xdL8/v-deo.html
:)KD
@@ComputerScienceLessons thanks a lot, love your channel, keep it up 👍
great explanation. If the message was intended to be confidential, wouldn't Jack want to encrypt the message with Jill's public key?
This is Bob, Bob is builder !!! caught me so off guard ahahhaahah
He says he's a builder, but he's really a con artist :)KD
So if you don't have a certificate authority where does Jill's computer look to verify the public key?
Ugh, this is great thank you so much!
You're welcome. :)KD
"This is Bob. Bob's a builder"
Man/Woman of culture, I see.
Oh yes. I'm currently in talks with the Teletubbies. :)KD
At 6:42 how does decryption work with public key??
Got the answer now: Asymmetric crypto works both ways... if a message is encrypted with Public key then it can be only decrypted with the related private key and also if the message is encrypted with private key then it can only be decrypted by related public key
for more info: ua-cam.com/video/Z8M2BTscoD4/v-deo.html
@@whitecover3230 then anyone will be able to decrypt it,
but as he said it doesn't really matter if anyone else sees the message, all it matters is to confirm sender's identity
great video
Thank you :)KD
Good explanation. However, it's weird when you say "decrypt" @ 6:12. One cannot decrypt something that has been encrypted with a private key using a public key. A better word would be "verify" or something.
if someone was in the middle of a digital signature between person a and b couldn't they (person m) hash the email/text and sign it with their own key and send that to person b. Then when person b sends an email back to a, person m can hash the email and send a resigned version back to a?
thanks it helps a lot
You're welcome :)KD