4

Transcribed Image Text:

Digital Certificates What best describes the term "digital certificate"? O A digital certificate implements the abstract concept of a "digital envelop," wherein a sensitive piece of information (such as a user's public key) can be made publicly available such that the information cannot be later altered; that is, one commits to the authentic version of this information and no tampering is possible. Digital certificates constitute the prevalent way with which we implement today a public-key infrastructure, wherein users' public keys are verified to be the currently correct/valid ones via a (chain of) verified signature(s) while using minimal trust assumptions about certain users' public keys (e.g., certificate authorities). A digital certificate is simply a digitally signed message that is used by a browser to verify that domain name resolution has happened correctly, thus eliminating the possibility of IP spoofing attacks. In the three-party model for data-query authentication (a.k.a. DB-as-a-service authentication model), a digital certificate is nothing more than the computational proof that the untrusted responder serve provides the user with, in order for the user to verify the validity of the received answer.

Transcribed Image Text:

Public-Key Cryptography What motivated the design of public-key encryption and digital signatures? The need to increase the flexibility of a multi-user cryptographic system with respect to its key- management; instead of relying on session-specific shared secret keys, the use of user-specific public- key pairs removed the need for out-of-band secret communication in order to distribute shared secret keys. The need to devise post-quantum cryptographic solutions; instead of relying on the factoring assumption which is known to hold only in the classical computational model, the use of extensions of perfectly secure OTP schemes allows for security even in the quantum computational model. The need to strengthen the security provided by ciphers or MACS; instead of relying on the use of an imperfectly secure scheme (e.g., OTP or AES), computational problems that are impossible to solve were introduced, such as computing discrete logs and factoring. The need to implement what is known as hybrid encryption; instead of treating the problems of confidentiality and integrity as separate stand-alone problem, public keys allow us to address at once the problem of implementing a secure tunnel between two parties, wherein transmitted messages cannot be learned or maliciously altered.