Wednesday, September 20, 2006

Eve the eavesdropper


Thin king and fat king solved their problem with the untrusted messenger by the ingenious trick of using two padlocks. They felt safe for a while, but one day thin king heard that one of his gifts hadn't reached fat king; in fact, fat king never even got the chest to apply his own padlock to. Thin king soon understood that his messenger had tricked him once again. He had sent his messenger away with the locked chest, and soon the messenger had arrived back with another padlock on the chest. He removed his own and sent the messenger away again. In hindsight he remembered that he hadn't really gotten a good look at the second padlock; the messenger had probably made his own padlock and applied that one instead of allowing fat king to apply his. From that moment on, thin king and fat king had to find a way of being sure that the padlocks were indeed theirs and not the messenger's. They found out that to do this they had to involve a third party whom both of them trusted. This third party could apply non-forgeable stamps to the padlocks, and he promised never to apply the same stamp to the messenger's padlocks.

In the digital world the same problem occurs. Here the solution is called digital certificates. These certificates are used to transport the public part of a public/private key pair. A certificate contains the public key, some extra useful information such as the validity period, the name of the issuer and the name of the owner of the transported public key, and finally a digital signature. The certificate is created by a trusted third party, a so-called CA (Certificate Authority). The CA digitally signs the certificate with its private key, and everyone can verify it using the CA's public key, which everyone is supposed to know and trust.
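The check described above, as an added example that is not part of the original post: a toy textbook-RSA signature over tiny constructed primes stands in for a real CA signature scheme, and the names `Trusted CA`, `issue`, `verify` and the key labels are assumptions. It shows the verifier rejecting each way the messenger could try to pass off his own key as fat king's.

```python
import hashlib, json

E = 65537  # public exponent shared by the toy keys
def make_key(p, q):
    """Toy textbook-RSA key from two primes: (public modulus n, private d)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def digest(body, n):
    """Hash the canonical JSON form of the certificate body, reduced mod n."""
    data = json.dumps(body, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def issue(body, n, d):
    """The issuer signs the certificate body with its private key."""
    return {"body": body, "signature": pow(digest(body, n), d, n)}

def verify(cert, trusted, today):
    """Check issuer, validity period and signature against trusted CA keys."""
    body = cert["body"]
    ca_n = trusted.get(body["issuer"])
    if ca_n is None:
        return "untrusted issuer"
    if not body["not_before"] <= today <= body["not_after"]:
        return "outside validity period"
    if pow(cert["signature"], E, ca_n) != digest(body, ca_n):
        return "bad signature"
    return "ok"

# Constructed sample data: tiny Mersenne-prime keys, NOT secure.
CA_N, CA_D = make_key(2**89 - 1, 2**107 - 1)      # the trusted third party
MSG_N, MSG_D = make_key(2**61 - 1, 2**127 - 1)    # the messenger's own key
TRUSTED = {"Trusted CA": CA_N}                    # what every verifier knows

def body_for(public_key, issuer="Trusted CA"):
    return {"subject": "fat king", "issuer": issuer, "public_key": public_key,
            "not_before": "2006-01-01", "not_after": "2007-01-01"}

genuine = issue(body_for("FAT-KING-KEY"), CA_N, CA_D)
# Messenger swaps in his own key but keeps the CA's signature.
swapped = {"body": body_for("MESSENGER-KEY"), "signature": genuine["signature"]}
# Messenger signs a certificate himself while claiming the CA issued it.
forged = issue(body_for("MESSENGER-KEY"), MSG_N, MSG_D)
# Messenger names himself as issuer; nobody trusts that name.
rogue = issue(body_for("MESSENGER-KEY", "Messenger CA"), MSG_N, MSG_D)

if __name__ == "__main__":
    for name, cert in [("genuine", genuine), ("swapped", swapped),
                       ("forged", forged), ("rogue", rogue)]:
        print(name, "->", verify(cert, TRUSTED, "2006-09-20"))
```

The validity period is checked as well, so the genuine certificate is also refused when presented after its `not_after` date.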
