Certificates: Building Blocks of Digital Trust

The importance of digital certificates in today's internet environment is invaluable. They serve as the foundation of digital trust.

A certificate is simply someone's (such as Hakateam's) public key combined with someone else's (such as LetsEncrypt's) digital signature. So Letsencrypt has signed a "paper" that says something like this:

When someone comes to the Hakatemia's pages, Hakatemia gives the user's browser this certificate. And then the browser can see that "okay, letsencrypt (or whoever CA ever) has signed this certificate stating that this website has this public key so let's believe it now".

A digital certificate, also known as an SSL/TLS certificate, is a digital file that proves the identity of a web server or website. It contains a public key and information about the key's owner and the issuer of the certificate. The certificate is signed and issued by a trusted certificate authority (CA), ensuring its authenticity.

Certificate Authorities are organizations that issue, sign, and manage digital certificates. They act as trusted third parties, ensuring the authenticity of the certificate and its owner. Some well-known CAs include Let's Encrypt, Comodo, and Symantec.

These CAs also have their own key pairs, the public key of which is already preloaded in your browser or computer.

## Certificates: Building Blocks of Digital Trust

The importance of digital certificates in today's internet environment is invaluable. They serve as the foundation of digital trust.

### What is a digital certificate?

A certificate is simply someone's (such as Hakateam's) public key combined with someone else's (such as LetsEncrypt's) digital signature. So Letsencrypt has signed a "paper" that says something like this:

"Hakatemia's public key is C6 E3 DC...".

![](sanity:image-341e2dc92f43eca924a78409d3e84b57422efea4-1060x1302-png)

When someone comes to the Hakatemia's pages, Hakatemia gives the user's browser this certificate. And then the browser can see that "okay, letsencrypt (or whoever CA ever) has signed this certificate stating that this website has this public key so let's believe it now".

A digital certificate, also known as an SSL/TLS certificate, is a digital file that proves the identity of a web server or website. It contains a public key and information about the key's owner and the issuer of the certificate. The certificate is signed and issued by a trusted certificate authority (CA), ensuring its authenticity.

![](sanity:image-bbe362d41519ee69e989eca87a9cf838ce832bee-1068x1120-png)

### Certificate Authorities (CA)

Certificate Authorities are organizations that issue, sign, and manage digital certificates. They act as trusted third parties, ensuring the authenticity of the certificate and its owner. Some well-known CAs include Let's Encrypt, Comodo, and Symantec.

These CAs also have their own key pairs, the public key of which is already preloaded in your browser or computer.


Certificates: Building blocks of digital trust

From the history of cryptography to current use, the basics of encryption, technologies, applications and their impact on security.

Welcome to Hakatemia's cryptography course!

In this course, we will go through the basics of cryptography, the most important encryption algorithms, and their modern applications. The course is beginner-friendly and practical.

The goal is that after the course you will know what cryptography is, what it is used for, and how to choose the right encryption techniques and settings for different purposes.

What is cryptography? Basic concepts and uses

Introduction to Cryptography

Caesar Cipher: The Ancient Code That Changed Communication

The Enigma Machine: How WWII Codebreakers Unlocked the Greatest Mystery of the War

Historical encryption techniques

Checksums

What are hash functions and what are they used for?

Cracking Hashes: How Does It Work?

MD5 hash - a broken classic

PBKDF2, BCrypt, SCrypt and Argon2

SHA2 vs SHA3 vs PBKDF2 vs bcrypt vs SCrypt vs Argon2: Which to choose for password storage?

Diversion functions

What is MAC and why is it needed?

Different MAC algorithms

MAC algorithms

Random numbers in cryptography

Random numbers

What is symmetric cryptography?

Block Ciphers

DES, 3DES and AES

Stream Ciphers

Initialization vector (IV) and its vulnerabilities in cryptography

Symmetric cryptography

What is asymmetric cryptography?

Digital signatures

Key exchange algorithms

Asymmetric cryptography

Encoding methods

Encoding Methods (Encoding Methods)

 TLS (Transport Layer Security): The foundation of Internet security

Public Key Infrastructure (PKI): The Foundation of Digital Trust

TLS Building Blocks: Cipher Suites

SSL/TLS threats

SSL/TLS and PKI

What is key management and why is it important?

Key management in cloud services: AWS, GCP and Azure

On-Premise Key Management with HashiCorp Vault

CertBot and automatic renewal of certificates

HSM modules

TPM modules

Key management

Auditing SSL/TLS settings with Qualys' SSL Labs scanner

Auditing SSH settings with Nmap

CyberChef - A browser-based cryptographic Swiss army knife

Useful Crypto Tools

Cryptography - Learned Practice

Crypto - Final Exercise

Cryptography

Certificates: Building blocks of digital trust

Certificates: Building Blocks of Digital Trust

What is a digital certificate?

Certificate Authorities (CA)

Learn to hack — start here