Thanks, great video! One thing I don't understand though, it is said in the video that the certificate authority generates a hash from Alice's certificate signing request (city, state, country, etc...) then encrypts it with their private key. However, it is said that Bob creates a hash of ALL the information on the digital certificate (name of issuer, serial number, etc...). This info is not the same as the one from Alice's certificate signing request. So how can Bob get the same hash when it is generated from different info?
You mentioned one incorrect thing here: Bob can't decrypt the hash, it's a one-way process. Instead, he will calculate the hash on the same information that he received from Alice using the selected hashing algorithm and compare both hashes. Correct me if I'm wrong here.
He is right. The CA has encrypted the hash with its private key. What he meant is Bob is gonna decrypt the hash to compare it to the hash that he's gonna independently calculate.
00:24 What? You say this: "If Bob can *decrypt* the message that came from Alice, using Alice's public key, then Bob knows that the message came from Alice." But how would Bob decrypt a message with Alice's public key? Maybe you wanted to say that Bob should encrypt (not decrypt) the message? Unclear. Public keys are shared because the receiver should be able to encrypt the data with that public key, not decrypt. For decryption, the private key is there. Then you continue, that Alice encrypts the message with the private key... man, I think you're using public and private keys really incorrectly here.
I think what they are saying here is that if you can decrypt the message with the public key of the sender, then it must have been them who have encrypted it because only they know their private key (which is called signing a message). If someone encrypted the message with your public key and sent it to you to decrypt with your private key, there would be no way to prove that they are who they say they are. So the initial approach must be taken to prove this, but it can be disrupted by an attacker. Thus, certificates must be used.
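An added example (not from the video or from any commenter) covering the two threads above: in X.509 the CA's signature is computed over the certificate's to-be-signed portion, which holds the fields copied from the CSR plus the ones the CA adds (issuer, serial number, validity), and the verifier hashes that same portion. The toy RSA key, the field names, "Example CA" and the key placeholders are assumptions made for illustration; real CAs use random primes, DER encoding and a padded signature scheme.

```python
import hashlib

# Toy CA key built from two known Mersenne primes so this runs with the
# standard library only. Constructed for illustration, not secure.
P, Q = 2**127 - 1, 2**521 - 1
CA_N, CA_E = P * Q, 65537                  # CA public key (modulus, exponent)
CA_D = pow(CA_E, -1, (P - 1) * (Q - 1))    # CA private exponent

def digest(data: bytes) -> int:
    """SHA-256 of the data as an integer (smaller than CA_N)."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def encode_tbs(fields: dict) -> bytes:
    """Deterministic stand-in for the DER-encoded to-be-signed structure."""
    return "\n".join(f"{k}={fields[k]}" for k in sorted(fields)).encode()

def ca_issue(csr: dict, serial: int) -> dict:
    """Copy the CSR fields, add the CA's own fields, sign the combined set."""
    tbs = dict(csr, issuer="Example CA", serial=serial, not_after="2030-01-01")
    signature = pow(digest(encode_tbs(tbs)), CA_D, CA_N)   # private-key operation
    return {"tbs": tbs, "signature": signature}

def bob_verify(cert: dict) -> bool:
    """Recover the signed hash with the CA public key, compare with Bob's own hash."""
    recovered = pow(cert["signature"], CA_E, CA_N)          # public-key operation
    return recovered == digest(encode_tbs(cert["tbs"]))

# Constructed sample CSR; the public key is a placeholder string.
CSR = {"subject": "Alice", "city": "Paris", "country": "FR",
       "public_key": "alice-pubkey-placeholder"}

def demo():
    cert = ca_issue(CSR, serial=1001)
    genuine = bob_verify(cert)
    # Same signature, but the public key field was swapped after issuance.
    altered = {"tbs": dict(cert["tbs"], public_key="tom-pubkey-placeholder"),
               "signature": cert["signature"]}
    # Hashing only the CSR fields does not match: the CA signed more than the CSR.
    csr_only = pow(cert["signature"], CA_E, CA_N) == digest(encode_tbs(CSR))
    return genuine, bob_verify(altered), csr_only

if __name__ == "__main__":
    print(demo())
```

The hash is never reversed: the public-key operation only recovers the hash value the CA signed, and Bob compares it with the hash he computes himself.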
To be honest, this is the best video where I understood why it is happening. Thank you
bro you explain it beautifully 😊😊👍👍
A crystal clear explanation. Thank you!!
Simply great! Thanks. I needed to see the bigger picture
amazingly explained, and brilliant example at the end, thank you!!!!!!!
Thank you! You deserve a lot more views.
great and highly recommend
thank you
good video bro
Wow this is great!
Awesome 😍
very good! 🇧🇷
Wow.. thank you 🙏
What if Tom asks Certification Authority to create an additional valid certificate and then sends it to Bob?
When Alice sent a request to Certificate Authority, did she encrypt it with her private key?
I think it's not necessary. Public key is public and can be shared with everyone.
Public key is used for encryption and private key is used for decryption. So Alice sends Bob her private key not public.
7:08
This is all well and good until Tom puts his own certificate in your root store.💀💀