Better Safe Than Sorry: Cryptographic Algorithms and Digital Certificates

Cryptographic Algorithm Implementations

Digital Certificates

  • The Certificate Authority no longer exists or is no longer trusted.
  • The certificate has expired or has been revoked.
  • The certificate does not adhere to the required format or contains some weird non-customary information.
  • The certificate is used for a cryptographic operation not listed in its Key Usage field.
  • The certificate exposes a private key. It is never appropriate and is a severe security breach.
  • The certificate contains so-called weak algorithms, such as a weak hash function or a short public key. It pauses a threat to the safety of the hash or the key. If an attacker succeeds in breaking them, they will be able to do a lot of harm.

Takeouts

  • A host regularly performs five principal cryptographic operations: encrypt, decrypt, hash, sign, and verify. For this, it uses cryptographic algorithm implementations and digital certificates.
  • Cryptographic algorithm implementations are executable files or libraries that contain realizations of cryptographic algorithms.
  • Digital certificates are files that contain sets of credentials issued by trusted certifying authorities.
  • If it can be shown that you can trust publicly accessible Cryptographic Algorithm Implementations and Digital Certificates, then the host’s crypto-health is solid. The moment something undermines the level of trust, they become potentially vulnerable points.

--

--

--

I am a [technical] writer, poet, and engineer. My domains are IT, Cryptography, Data Science, Artificial Intelligence, Machine Learning, and Cloud Computing.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

How To Setup Private DNS-over-TLS/HTTPS

{UPDATE} DinoCraft Survive & Craft Hack Free Resources Generator

Pi-Hole and DoH

{UPDATE} Viva Slots Vegas Slot Machines Hack Free Resources Generator

{UPDATE} 雲夢謠-譜一首雲中戀歌 Hack Free Resources Generator

How to Mint Yourself a Sockz

📣 Important announcement!!!

{UPDATE} Mahjong Venice Mystery Classic Hack Free Resources Generator

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Tali de York

Tali de York

I am a [technical] writer, poet, and engineer. My domains are IT, Cryptography, Data Science, Artificial Intelligence, Machine Learning, and Cloud Computing.

More from Medium

Triggering Time Delays to Identify Blind SQL Injection Vulnerability

Luanne- Hack the Box

How to "Hack" more than 1000 databases (TSDB) in 48 hours and for less than 5 USD

F3EAD the Bear