Attack on data always happens without the person involve realize about it. This is why data encryption is important. Data encryption using asymmetric key is one of the most trustable data security algorithm. When the sender wants to send data or message, data encryption will change the data to an indecipherable state by using algorithms or theorems. Data encryptions are initially used by the authority military to communicate with each other during the old days. Nowadays, data encryption has become more recognized and people use it publicly. Diffie-Hellman Key-Exchange idea is that individual can exchange keys openly while ensure privacy (Mollin, 2007). Such as, one for encryption that opens for public and one for decryption to keep private. …show more content…
A digital certificate is a document or files that are used to prove the identity in sender in communication over internet. Digital certificate also enables secure and confidential communication between two parties (Macphee, 2001). The digital certificate includes the information about the owner of the certificate, the public key of the owner of the certificate, the period of validity of the certificate, the name of the issuer (the CA that issued the certificate), the serial number of the certificate and the digital signature of the issuer (Kovinic, 2011). In this stage, the process is known as cryptanalysis which the private key is related to the public key in the digital certificate. The certificate holder has to hold the private key securely. The digital certificate operates when the sender wants to send the message or data would request the receiver’s digital certificate which contains the public key from the original source. During this stage, private key is used to encrypt the message or data before sending to the receiver. After that, the encrypted message can only be decrypted by receiver’s public key. According to Kovinic (2011), the data contains in the digital certificate are digitally signed and then confirmed by the Certification Authority (CA). The responsibility of Certification Authorities is issuing the certificates associated with a key pair to a user whose identity it has already verified and it represents a true authority trusted by all the person who takes part in the communication. When the information of the digital certificate and issuing the certificate are done, then the digital signature proves a communication originated from a particular sender and has not been manipulated or attacked from third party. The digital signature is a mechanism for solving the message-authentication problem with asymmetric keys (Bellare & Rogaway, 2011). (Stallings, 2005)