crypto:asymmetric:authentication

About

Sender Authentication is based on the digital signature. If you can decrypt the signature successfully, it proves that the message come from:

a particular sender
or group

Type

There is three type of authentication:

public key authentication based where the server authorizes only messages that can be decrypted by a authorized public key (see the asymmetric digital signature verification)
cert-based authentication where the server authorizes only client that are in possession of certificate signed by authorized CA.
shared secret in a symmetric authentication

Concept

Key

the private key remains (only) with the user (The possession of this key is proof of the user's identity. Only a user in possession of a private key that corresponds to the public key located at the server will be able to authenticate successfully.
the public keys are stored on the server in a file known as the SSH - Authorized Keys file (on Server)

For the procedure. see Digital signature procedure

Key Manager

The KeyManager is a program (or function) that decides which authentication credentials should be sent to the remote host for authentication during SSL handshake.

Type

Mutual

Mutual Authentication, in addition to server authentication, the client also has to present its certificate to the server.
The server verifies it
If both server and client authenticated themselves, then authentication is a success.

See the dedicated page: What is a certification base authentication (also known as Client certification / Mutual TLS authentication) ?

Table of Contents

About

Type

Concept

Key

Key Manager

Type

Mutual

Documentation / Reference