Home > Tips > Encryption and Decryption > Certificate Authority

Certificate Authority (CA)

Encryption decryption, Digital signature provider in India, Certificate Authority (CA), SSL, Secure Transaction

What is Certificate Authority?
In cryptography, a certificate authority or certification authority (CA) is an entity which issues digital certificates for use by other parties. It is an example of a trusted third party. CAs are characteristic of many public key infrastructure (PKI) schemes. There are many commercial CAs that charge for their services. Institutions and governments may have their own CAs, and there are also free CAs. A CA issues digital certificates which contain a public key

and the identity of the owner. The CA also attests that the public key contained in the certificate belongs to the person, organization, server or other entity noted in the certificate. A CA's obligation in such schemes is to verify an applicant's credentials, so that users and relying parties can trust the information in the CA's certificates.

If the user trusts the CA and can verify the CA's signature, then they can also verify that a certain public key does indeed belong to whoever is identified in the certificate. If the CA can be subverted, then the security of the entire system is lost.

Suppose an attacker, Mallory (to use the Alice and Bob convention), manages to get a CA to issue a false certificate tying Alice to the wrong public key; the corresponding private key is known to Mallory. If Bob subsequently obtains and uses Alice's public key in this (bogus) certificate, the security of his communications to her could be compromised by Mallory - since Bob's messages could be decrypted by Mallory, or he could be tricked into accepting forged signatures from Alice.

What is a Digital Signature Certificate?
Digital Signature Certificates (DSC) are the digital equivalent (that is electronic format) of physical or paper certificates. Examples of physical certificates are drivers' licenses, passports or membership cards. Certificates serve as proof of identity of an individual for a certain purpose; for example, a driver's license identifies someone who can legally drive in a particular country. Likewise, a digital certificate can be presented electronically to prove your identity, to access information or services on the Internet or to sign certain documents digitally.

World wide largest service providers
Worldwide, the certificate authority business is fragmented, with national or regional providers dominating their home market. This is because many uses of digital certificates, such as for legally binding digital signatures, are linked to local law, regulations, and accreditation schemes for certificate authorities.

However, the market for SSL certificates (used for website security) supports a number of multinational companies. A 2007 market share report from Security Space as of September of that year determined that VeriSign and its acquisitions (which include Thawte and more recently Geotrust) have a 57.6% share of the certificate authority market, followed by Comodo (8.3%), GoDaddy (6.4%), DigiCert (2.8%), Network Solutions (1.3%), and Entrust (1.1%).

Indian service providers
Certification Agencies are appointed by the office of the Controller of Certification Agencies (CCA) under the provisions of IT Act, 2000. There are a total of seven Certification Agencies authorised by the CCA to issue the Digital Signature Certificates (DSCs). The details of these Certification Agencies are available on the portal of the Ministry www.mca.gov.in

Home > Tips > Encryption and Decryption > Certificate Authority