En utilisant AWS re:Post, vous acceptez les AWS re:Post Conditions d’utilisation
AWS re:Postre:Post

Proof of ownership of private key by client

0

AWS screenshot In the screenshot above of the AWS website, it says that "Server challenges the client for proof of ownership of the private key that corresponds to the public key contained in the certificate."

Can anyone explain how the public key present in the device certificate (along with the already present device certificate which is signed by private key) acts as the proof of ownership of the private key by the client.

Sujets
Internet des objets (IoT)Sécurité, identité et conformité
Balises
AWS IoT CoreGestionnaire de certificats AWSSécurité de la couche de transport (TLS)
Langue
English
Shubham
demandé il y a 4 mois333 vues
1 réponse
2

Hi. This is an aspect of mutual TLS rather than anything specific to AWS IoT Core. Please refer to this high level description of the sequence: https://en.wikipedia.org/wiki/Transport_Layer_Security#Client-authenticated_TLS_handshake

In particular:

The client sends a CertificateVerify message, which is a signature over the previous handshake messages using the client's certificate's private key. This signature can be verified by using the client's certificate's public key. This lets the server know that the client has access to the private key of the certificate and thus owns the certificate.

profile pictureAWS
EXPERT
Greg_B
répondu il y a 4 mois

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions

Contenus pertinents