Is there any possibility that 1 principle can be break?Cryptography Course

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATION
Already a Member Login Here

Home Forums Courses Cryptography Course Is there any possibility that 1 principle can be break?

This topic contains 4 replies, has 4 voices, and was last updated by  13ushm4n 4 years, 8 months ago.

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • #7244

    l3t’sJ6m
    Participant

    How is it possible replacing the original certificate? Is there any case does it happen? I believe there is always a flaw when it comes to cybersec.

    • This topic was modified 5 years ago by  l3t'sJ6m. Reason: proper lining
    • This topic was modified 5 years ago by  l3t'sJ6m.
    #7460

    HomeSen
    Participant

    Can you explain a little more detailed, what you actually mean and what you are referring to?

    #25405

    13ushm4n
    Participant

    If I understand correctly you ask if it is possible to replace one certificate by another new one.

    Whatever is encrypted by the old certificate stays that way and you need the old certificate to decrypt it. No way around it.

    When you believe that your certificate has been compromised, or when it expires, you can get a new certificate. The original one is “revoked”, usually you enter this (revocation) password when you create the certificate (or your IT department may do this for you so that they can revoke the certificate for you later).
    The password is then added to revocation list so that everyone knows that the original certificate is not valid anymore.

    #26859

    SpiderX
    Participant

    It’s not the certificate the encrypts and decrypts but the private and public keys. The certificate may expired but the private and public keys does not expired. That’s why even a certificate was expired you can decrypt whatever data was encrypted by it. The certificate is thing that binds between a user and the keys on it.

    #27221

    13ushm4n
    Participant

    It’s physically possible, but not practically in an everyday use environment under normal operating conditions.
    If an application/infrastructure allows you to encrypt or sign data with an expired or revoked key or certificate, then it’s a very bad application. I don’t believe that there is such an application which would actually be used (outside lab setup).

    This would break the non-repudiation requirement. If I revoke a set of keys/the certificate and then afterwards they can still be used and are trusted, how do you proof that I’m the originator of any of data signed with those?

    The decrypt feature has to be kept for the old data obviously because otherwise the data would become inaccessible.

    • This reply was modified 4 years, 8 months ago by  13ushm4n.
Viewing 5 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic.

Our Revolution

We believe Cyber Security training should accessible for everyone, everywhere. Everyone deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is the world's largest community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel