What is a digital certificate? What security services can digital certificates provide?

Digital certificate refers to an electronic document issued by CA organization, which is a series of numbers that can display the identity information of network users, and provides a way to verify the identity of network users on the computer network, so digital certificate is also called digital identification. Digital certificate ensures the integrity and security of information and data by encrypting or decrypting the information and data of network users in computer network communication.

The basic working principle of digital certificate is mainly embodied in:

First, before sending information, the sender needs to contact the receiver and encrypt the information with the public key. The information is always in the ciphertext state during transmission, including the encrypted information received by the receiver, which ensures the singleness of information transmission. If the information is stolen or intercepted, the data can be interpreted only by using the private key of the receiver, but the data cannot be changed, which is also conducive to ensuring the integrity and security of the information.

Second, the data signature of digital certificate is similar to the encryption process. After the data is encrypted, only the receiver can open or change the data information, add its own signature and then transmit it to the sender. The receiver's private key is unique and private, which also ensures the authenticity and reliability of the signature, thus ensuring the security of information.

There are many formats of digital certificates, mainly X.509v3( 1997), X509v4( 1997), X.509v 1( 1988) and so on. The most commonly used version is TUTrec.x.509V3, which is formulated by the International Telecommunication Union and contains the serial number of the certificate, the validity period of the certificate, the public key and other information.

No matter which version of digital certificate, as long as it is obtained, users can apply it to network security.

Extended data

Digital certificates have the following three characteristics:

First, safety. When a user applies for a certificate, there will be two different certificates, which are used to work on the computer and verify the information interaction of the user. If the computers used are different, the user needs to re-obtain the certificate used to verify the computers used by the user, but can't make a backup, so that even if others steal the certificate, they can't obtain the user's account information, which ensures the account information.

Second, uniqueness. Digital certificates give users corresponding access rights according to their identities. If you log in to another computer, but the user has no certificate backup and can't operate, he can only view the account information. A digital certificate is like a key. The so-called "one key can only open one lock" is the embodiment of its uniqueness.

Third, convenience. Users can immediately apply for, open and use digital certificates, and can choose the corresponding digital certificate protection technology according to users' needs. Users don't need to master the encryption technology or principle, but directly carry out security protection through digital certificates, which is very convenient and efficient.

Digital certificates are issued by CA Center, which is an authoritative and highly dependent third party. Its qualification certificate is issued by the state, which can effectively guarantee the security of network data information and make the data information office in the hands of the state. When users browse network data or conduct online transactions, digital certificates can ensure the security of information transmission and transactions.

Baidu Encyclopedia-Digital Certificate