Points to remember
● Phishing: Phishing is acquiring critical
data like login credentials through telephone, sms, e-mail or any social media
by the crackers disguising as authentic.
● Authentication: Information
of the entity sending the document is often included in the document, but the
information may be inaccurate. A digital signature can be used to authenticate
the source of a document.
● Integrity: In many scenarios, the sender and
receiver of the document will require confidence that the document has not been
tampered with during the transfer. If the document was digitally signed, any
modification of the document will invalidate the signature.
● Non-repudiation: Repudiation
refers to any act of relinquishing responsibility for a message.
Non-repudiation ensures that the signer who digitally signed the document
cannot deny having signed it. The digitally signed documents strengthen its
recipient integrity claims. Therefore, the recipient can strongly insist on the
signature of the sender so as not to be easily denied at a later time.
difference between a digital signature and digital certificate is that a
digital certificate binds a digital signature to an entity; whereas a digital
signature ensures that a data remain secure from the point it was sent. In
other words: digital certificates are used to verify the trustworthiness of the
sender, while digital signatures are used to verify the trustworthiness of the
data being sent.
certificate authority maintains a database of public keys called repository so
that it can verify the user with digital signatures. Expired certificates are
usually deleted from the database by the certificate authority.
Brute-force attacks is the simplest attack method for breaking any encryption;
that is, trying all the possible keys one by one.