Extended Validation Certificate


Extended Validation Certificates are recognized web authorization method that utilizes cryptography, a PKI technology.

EVC is a unique X.509 certificate that adds a level of security to online secure data transfer by requiring more information from the “requesting entity”.
Cryptography, in modern terms is the study and/or practice of disguising information using a combination of mathematics and computer science. (cryptology; derived from Greek κρύπτω kryptó "hidden" and the verb γράφω gráfo "to write" or λέγειν legein "to speak")

PKI or Public Key Infrastructure: a form of cryptography that designates “public keys” to specified identities, through the use of digital certificates. These public keys are a result of asymmetric cryptography where a user has two keys that are mathematically linked. The keys that are generated are a Private and a Public key. (See Figure 1) The public key is widely distributed while the private key is kept private.

fig1.gif
Figure_1


Key agreement is a method in which the device communicating in the network establishes a shared secret between them without exchanging any secret data. In this method the devices that need to establish shared secret between them exchange their public keys. (See Figure 2)

- Anoop MS (2007).


fig2.gif
Figure_2







The Big Picture
§ Secure method of Data Transfer
§ Digital Signatures – useful to third parties
§ Provides an authentication method/strategy, (digital check and balance…)
§ Confidentiality
§ Message Integrity

References:
Anoop MS (2007). Public key Cryptography - Applications Algorithms and Mathematical Explanations. India: Tata Elxsi. (Figure 2)
Wiki pedia (March 2008) - Search Results: "Extended Validation Certificate", "PKI"