Better Safe Than Sorry: Cryptographic Algorithms and Digital Certificates

Cryptographic Algorithm Implementations

Digital Certificates

  • The Certificate Authority no longer exists or is no longer trusted.
  • The certificate has expired or has been revoked.
  • The certificate does not adhere to the required format or contains unusual, non-standard information.
  • The certificate is used for a cryptographic operation not listed in its Key Usage field.
  • The certificate exposes a private key. This is never appropriate and is a severe security breach.
  • The certificate contains so-called weak algorithms, such as a weak hash function or a short public key. This poses a threat to the safety of the hash or the key: if an attacker succeeds in breaking them, they will be able to do a lot of harm.
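
Several of the conditions above (expiry, weak algorithms, Key Usage mismatch) can be checked mechanically from the text that `openssl x509 -noout -text` prints. The following is an added example, not code from the article: the function name, the sample dump and the thresholds (MD5/SHA-1 treated as weak, 2048-bit minimum for RSA/DSA, 256-bit for EC) are assumptions. Revocation and CA trust need a chain and CRL/OCSP lookup and are not covered.

```python
import re
import ssl
import time

# Assumed policy thresholds; the article does not give specific values.
WEAK_HASHES = ("md5", "sha1")
MIN_KEY_BITS = {"rsaEncryption": 2048, "dsaEncryption": 2048, "id-ecPublicKey": 256}

def audit_cert_text(text, intended_use, now=None):
    """Return findings for one `openssl x509 -noout -text` dump."""
    now = time.time() if now is None else now
    findings = []
    # Expiry: compare the notAfter timestamp with the current time.
    m = re.search(r"Not After\s*:\s*(.+ GMT)", text)
    if m and ssl.cert_time_to_seconds(m.group(1)) < now:
        findings.append("expired")
    # Weak hash: the signature algorithm name embeds the digest.
    m = re.search(r"Signature Algorithm:\s*(\S+)", text)
    if m and any(h in m.group(1).lower() for h in WEAK_HASHES):
        findings.append("weak-hash")
    # Short key: the minimum depends on the key type (EC keys are much shorter).
    alg = re.search(r"Public Key Algorithm:\s*(\S+)", text)
    bits = re.search(r"Public-Key:\s*\((\d+) bit\)", text)
    if alg and bits and int(bits.group(1)) < MIN_KEY_BITS.get(alg.group(1), 0):
        findings.append("short-key")
    # Key Usage: the intended operation must be listed when the field exists.
    m = re.search(r"X509v3 Key Usage:[^\n]*\n\s*([^\n]+)", text)
    if m and intended_use not in [u.strip() for u in m.group(1).split(",")]:
        findings.append("key-usage-mismatch")
    return findings

# Constructed sample dump (not a real certificate).
SAMPLE = """\
Certificate:
    Data:
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: CN = Example Test CA
        Validity
            Not Before: Jan  1 00:00:00 2019 GMT
            Not After : Jan  1 00:00:00 2020 GMT
        Subject: CN = host.example.test
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
"""

if __name__ == "__main__":
    print(audit_cert_text(SAMPLE, "Certificate Sign"))
```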

Takeaways

  • A host regularly performs five principal cryptographic operations: encrypt, decrypt, hash, sign, and verify. For this, it uses cryptographic algorithm implementations and digital certificates.
  • Cryptographic algorithm implementations are executable files or libraries that implement cryptographic algorithms.
  • Digital certificates are files that contain sets of credentials issued by trusted certifying authorities.
  • If it can be shown that the host's publicly accessible cryptographic algorithm implementations and digital certificates can be trusted, then the host’s crypto-health is solid. The moment something undermines that trust, they become potential points of vulnerability.

I am a [technical] writer, poet, and engineer. My domains are IT, Cryptography, Data Science, Artificial Intelligence, Machine Learning, and Cloud Computing.

Tali de York