Ensuring the integrity of files is important for maintaining data reliability and security. Files can become corrupted, altered, or tampered with due to various factors such as transmission errors, hardware failures, malicious attacks, or accidental modifications. To mitigate these risks and ensure the trustworthiness of files, validating file integrity with checksums has become an essential … [Read more...]
How CAcert Works
CAcert is a community-operated, non-profit Certification Authority (CA) operated by the Geneva-based non-profit organization CAcert Incorporated, formerly registered in Australia. CAcert issues X.509 certificates free of charge for various purposes and is intended to be an alternative to the commercial certificate authorities, some of which charge quite high fees for their certificates. As a … [Read more...]
What Is Email Encryption? Example with GPG
Email encryption is used to send sensitive information via email in encrypted form. There are two different principles for this, which are used independently of each other. First, end-to-end encryption encrypts an email along the entire route between the sender and recipient. Second, with point-to-point or transport encryption, the transmission path of an email is encrypted between two components in the email … [Read more...]
How to Use the gpg-agent in GnuPG
The gpg-agent is an important part of GnuPG that plays a similar role to the ssh-agent in OpenSSH. It has been integrated into the system as of GnuPG version 2.0.x and performs several tasks related to the management of keys and passphrases. One of the main functions of the gpg-agent is to store private key passphrases in memory for a period of time. This eliminates the need to re-enter the … [Read more...]
What Are Digital Certificates?
A digital certificate is a digital record that confirms certain properties of people or objects and whose authenticity and integrity can be verified by cryptographic methods. In particular, the digital certificate contains the data necessary for its verification. The certificate is issued by a Certification Authority (CA). Public key certificates according to … [Read more...]
How Digital Signatures Can Be Misused
Digital signatures, which are not the same as electronic signatures, have emerged as a cornerstone of security and authentication. Digital signatures have broad usage, including password-less login to SSH sessions. While it is true that key-based SSH login is more secure than using a password, unfortunately relying on only one authentication method is not sufficient. In the case of a server, to make the SSH … [Read more...]
How GNU Privacy Guard (GPG) Works – With Example
GNU Privacy Guard, abbreviated GnuPG or GPG, is a free cryptography system. It is used to encrypt and decrypt data, as well as to generate and verify digital signatures. The program implements the OpenPGP standard according to RFC 4880 and was developed as a replacement for PGP. Versions 2.0 and later also implement the S/MIME and PGP/MIME standards. By default, GnuPG uses only patent-free … [Read more...]
What is Sybil Attack (False Identity Attack)
In computer security, a Sybil attack is an attack on peer-to-peer networks carried out by creating false identities. The attack can, for example, aim to influence majority votes and the network organization, to deliberately slow down the network, to disrupt connectivity within the network, or to intercept communications between other peers. The name comes from the 1973 book Sybil by Flora Rheta Schreiber, … [Read more...]
How Does Web of Trust (WOT) Work
In cryptology, Web of Trust (WOT) is the idea of securing the authenticity of digital keys through a network of mutual confirmations (signatures), combined with the individually assigned trust in the confirmations of others ("owner trust"). It is a decentralized alternative to the hierarchical PKI system. Public key encryption offers the advantage (compared to symmetric encryption) that the key … [Read more...]
How Digital Signature Can Be Generated
At its core, a digital signature is a cryptographic scheme that enables the verification of the authenticity and integrity of a digital message or document. It involves the use of mathematical algorithms to generate a unique digital fingerprint, or signature, for a specific piece of data. We have discussed the basics of digital signature in our earlier articles. In the case of digital signatures, … [Read more...]
Difference Between Electronic Signature and Digital Signature
Confusion between electronic signatures and digital signatures is a common problem. When I write "Abhishek Ghosh" on paper, you call it an "ink signature". If you write "Abhishek Ghosh" on an S24 Ultra with my S Pen, that becomes an electronic signature. A digital signature is a cryptographic method which we have explained in our earlier article. While both terms are often used interchangeably, … [Read more...]