Which statement about asymmetric encryption algorithms is true?
A.
They use the same key for encryption and decryption of data.
B.
They use the same key for decryption but different keys for encryption of data.
C.
They use different keys for encryption and decryption of data.
D.
They use different keys for decryption but the same key for encryption of data.
Explanation:
http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_12-4/124_ssh.html
Transport Layer Protocol
Server authentication occurs at the transport layer, based on the server possessing a public-private
key pair. A server may have multiple host keys using multiple different asymmetric encryption
algorithms. Multiple hosts may share the same host key. In any case, the server host key is used
during key exchange to authenticate the identity of the host. For this authentication to be possible,
the client must have presumptive knowledge of the server public host key. RFC 4251 dictates two
alternative trust models that can be used:The client has a local database that associates each host name (as typed by the user) with the
corresponding public host key. This method requires no centrally administered infrastructure and no
third-party coordination.
The downside is that the database of name-to-key associations may become burdensome to
maintain.
The host name-to-key association is certified by a trusted Certification Authority (CA). The client
knows only the CA root key and can verify the validity of all host keys certified by accepted CAs. This
alternative eases the maintenance problem, because ideally only a single CA key needs to be
securely stored on the client. On the other hand, each host key must be appropriately certified by a
central authority before authorization is possible.