You work as the application developer at Domain.com. Domain.com uses Visual Studio.NET 2005 as its application development platform.
You are developing a .NET Framework 2.0 application that will be used for transmitting contents over the Internet.
You need to encrypt a data file before transmitting the file. The encryption is required to prevent any spoofing of the identity of the publisher of the data file.
You decide to sign the data using the publisher’s private key. You encrypt the data with the publisher’s public key as well.
The receiver of the file will use a private key that only he knows to decrypt the data and the receiver has access to the publisher’s public key also.
The intended receiver of the file should be able to decrypt the encrypted file after it was received through the Internet transmission whilst the receiver should additionally be able to detect if the contents of the data file were tampered with.
What should you do?
A.
The RSACryptoServiceProvider class should be used in the scenario
B.
The RijndaeManaged class should be used in the scenario
C.
The SHA1CryptoServiceProvider class should be used in the scenario
D.
The SHA1Managed class should be used in the scenario
Explanation:
Since the RSACryptoServiceProvider class implements an asymmetric cryptography algorithm that makes use of a set of related keys to encrypt and decrypt data this class is the correct choice in the scenario.
Incorrect Answers:
B: This class should not be used in the scenario because the RijndaeManaged class implements a symmetric cryptography algorithm that uses a single shared secret key for encrypting and decrypting data.
C, D: The classes in these two options should not be used in the scenario because the classes both implement a hash algorithm that can be used to detect tampering but they can not be used to establish the identity of the data file’s publisher.
I choose A