In the previous section, we followed a scenario where Simran sends encrypted and digitally signed data to Brian. During the process, we used each other's private and public keys. A public key has to be shared between two parties. Now, the problem we have is how exactly does the system know the public key of Brian is exactly from him and not from someone that is pretending to be Brian? Therefore, we can use certificates to verify the shared public keys are exactly from the person it claims to be. It is certified by the CA, which is trusted by Simran and Brian.

Digital signature process the following occurs:

• Simran's private key will be used to encrypt the message digest. This ...