You work as the application developer at Domain.com. Domain.com uses Visual Studio.NET 2005 as its application development platform.
You use a Windwos XP Professional client computer named Certkiller -WS554 as your development computer.
You are developing a .NET Framework 2.0 application on Certkiller -WS536. The application will be used to send data over the internet.
You are required to ensure that the sent data is not modified or tampered with during transmission, the secrecy of the data transmission is not considered important.
You recently decided to implement a hash value for the data by using a secret key and transmit the data along with the hash value.
The receiver of the data should be able to detect whether the data or the hash value has been modified whilst the receiver should have access to the secret key that was used for computing the hash value.
You must additionally ensure that a key sequence of 160 bits should be acceptable.
What should you do?
A.
The DESCryptoServiceProvider class should be used to encode the data prior to transmission
B.
The HMACMD5 class should be used to encode the data prior to transmission
C.
The MACTripleDES class should be used to encode the data prior to transmission
D.
The HMACSHA1 class should be used to encode the data prior to transmission
Explanation:
The SHA1 has function is used by the HMACSHA1 class to compute a Has-based Message Authentication Code (HMAC) and additionally HMAC can be used to check if a message has been modified during the transmission.
Incorrect Answers:
A: The class should not be considered for use in the scenario because the class is used to encode the data to protect and maintain its secrecy.
B: The class should not be used because the scenario requires a hash sequence of 160 bits and the class only provides a hash sequence of 128 bits.
C: The class should never be considered for use in the scenario because the class uses a secret key of length 16 or 24 bytes whilst producing a hash sequence of 8 bytes.
Correct answer is D