Which statement describes how the sender of the message is verified when asymmetric encryption is used?
A. The sender encrypts the message using the sender’s public key, and the receiver decrypts the message using the sender’s private key.
B. The sender encrypts the message using the sender’s private key, and the receiver decrypts the message using the sender’s public key.
C. The sender encrypts the message using the receiver’s public key, and the receiver decrypts the message using the receiver’s private key.
D. The sender encrypts the message using the receiver’s private key, and the receiver decrypts the message using the receiver’s public key.
E. The sender encrypts the message using the receiver’s public key, and the receiver decrypts the message using the sender’s public key.
Explanation:
Should be C. They exchange public keys for encryption, so that the encrypted message coming from the sender is something that can be decrypted by the receiver’s private key (since he owns both the public and private key).
When we say “verify the message”, the sender is encrypting with the private key. The public key is well known; we know the only person who can encrypt the message was the right person (verification).
When we say “message confidentiality”, we reply to the peer by encrypting the message with the peer’s public key, because only the peer’s private key can decrypt the message (confidential).
The two scenarios are the reverse of each other; keep that in mind.
Thus, option B is the correct answer.
Please also compare to the second scenario on Question 36760 on:
http://www.aiotestking.com/cisco/2012/05/which-statement-describes-how-vpn-traffic-is-encrypted-to-provide-confidentiality-when-using-asymmetric-encryption/
QR: Says
Digital Signatures
Digital signatures are often used in the following situations:
■ To provide a unique proof of data source
■ To authenticate a user by using that person’s private key, and the signature it generates
■ To prove the authenticity and integrity of PKI certificates
■ To provide a secure time stamp
The following steps indicate how digital signatures function:
STEP 1. A user wants to sign some data. The user uses a signature algorithm with a personal signature key; only the signer knows this signature key.
STEP 2. Based on the input data and a signature key, the signature algorithm generates its output, called a digital signature.
STEP 3. The sending device attaches the digital signature to the message and sends the message to the receiver.
STEP 4. The receiving device verifies the signature with the verification key, which is usually public.
STEP 5. The receiving device inputs the message, the digital signature, and the verification key into the verification algorithm, which checks the validity of the digital signature.
STEP 6. If the check is successful, the document was not changed after signing, and the document was originated by the signer of the document.
The sender receives the public key of the receiver during the key exchange process and then encrypts the data with the receiver’s public key so that it can be sent on a public network, and on the receiver’s end it can be decrypted using the related private key.
Xiao is correct… there is a nasty subtle difference in language for test-taking purposes, because frankly, in public key encryption using asymmetric encryption, as long as the same party generates the key pair, he can either use his own (the sender’s) private key to encrypt, and the receiver uses the sender’s public key to decrypt, or vice versa, the sender can use the receiver’s public key to encrypt, and then the receiver uses the receiver’s private key to decrypt. Either way, the private key is only known to the same party that produced the public key.
Xiao made a great observation in the language here being used to “verify” the sender.
Frankly, the question stinks, because of the like question which has a different answer as noted.
I think the answer is C.
You can use asymmetric algorithms for confidentiality or for authentication. I see the term Encryption in the statement.
Let’s see:
Asymmetric Algorithms for Confidentiality (encryption)
Public Key (Encrypt) + Private Key (Decrypt) = Confidentiality
The following steps are involved in asymmetric encryption to provide confidentiality:
Step 1. Sender acquires receiver’s public key (Alice asks Bob for his public key and Bob sends it to her).
Step 2. Sender encrypts the message using the receiver’s public key.
– Remember that this key is known to everyone. Often the public key is a symmetric key.
Step 3. The encrypted message is sent to the receiver.
Step 4. The receiver will decrypt the message with his private key.
– Only the receiver can decrypt the message because no one else has the private key.
Asymmetric Algorithms for Authentication (Data Integrity):
Private Key (Encrypt) + Public Key (Decrypt) = Authentication
1. Alice (sender) encrypts a message with her private key.
2. Alice transmits the encrypted message to Bob (receiver).
3. To verify that the message actually came from Alice, Bob requests and acquires Alice’s public key.
4. Bob uses the public key to successfully decrypt the message and authenticate that the message came from Alice.
Answer: B
I have to reconsider my answer, because Bob (receiver) verifies or authenticates the message from the sender. Here, the asymmetric algorithm is used for authentication.
Guys B is right
Bear in mind that the sender is to be verified – only he knows his private key.
If the receiver’s public key was used for encryption by the sender – there is a chance that someone else than the sender knows it, an unauthorised peer would encrypt data with the receiver’s public key and the receiver would still decrypt the data with his private key, therefore assuming all is good to go – we don’t want that.
If the sender’s private key is used we can be sure he is who he claims to be, as he is the only one who knows his private key. Of course there is a chance that someone else has the sender’s public key, but why would we care at this point, as we (the receiver) know who sent the data over to us which was encrypted with the private key – only one person has it, the sender.
http://searchsecurity.techtarget.com/definition/asymmetric-cryptography
“Any other user who wants to send an encrypted message can get the intended recipient’s public key from a public directory. They use this key to encrypt the message, and they send it to the recipient. When the recipient gets the message, they decrypt it with their private key, which no one else should have access to.”
Therefore, the correct answer is C
Thank you,
Matt Horan (CCIE)
Is that a CCIE-FAIL? lol. B is correct.
Sending the Message:
Step 1. Alice runs the original message through a hash function, creating a unique value.
Step 2. Alice encrypts the hash value with her PRIVATE KEY, resulting in the digital signature.
Step 3. The signature is attached to the message.
Verifying the Message:
Step 1. For Bob to verify that Alice is indeed the originator of the message, Bob must have Alice’s public key.
Step 2. Bob will extract the signature from the message.
Step 3. The message will be hashed using the same process that Alice used, and a result will be generated.
Step 4. The signature will also be decrypted using Alice’s PUBLIC KEY, and a hash value will be generated.
Step 5. Bob will then compare the message hash value to the signature value. If they match, Bob can be reasonably certain that the message is unaltered.
http://www.ciscopress.com/articles/article.asp?p=1613315
Respectfully,
Mathew Bray (CCNA)
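The hash-then-sign exchange described in the post above, next to the option C flow (encrypt to the receiver's public key), as an added example that is not part of the original thread. It uses toy textbook RSA built from Mersenne primes with no padding so that it runs on the Python standard library alone; the key sizes, function names and sample messages are constructed for illustration.

```python
import hashlib

E = 65537  # common RSA public exponent

def make_keypair(p, q):
    """Toy textbook RSA from two primes: returns (public, private)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))

def digest(message, n):
    # SHA-256 reduced mod n so the hash fits the toy modulus.
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message, private_key):
    """Option B: sender transforms the hash with the sender's PRIVATE key."""
    n, d = private_key
    return pow(digest(message, n), d, n)

def verify(message, signature, public_key):
    """Receiver recovers the hash with the sender's PUBLIC key and compares."""
    n, e = public_key
    return pow(signature, e, n) == digest(message, n)

def encrypt(plaintext, public_key):
    """Option C: anyone holding the receiver's PUBLIC key can do this."""
    n, e = public_key
    return pow(int.from_bytes(plaintext, "big"), e, n)

def decrypt(ciphertext, private_key):
    n, d = private_key
    m = pow(ciphertext, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

# Constructed key pairs (Mersenne primes; far too small for real use).
ALICE_PUB, ALICE_PRIV = make_keypair(2**31 - 1, 2**61 - 1)
BOB_PUB, BOB_PRIV = make_keypair(2**89 - 1, 2**107 - 1)

def demo():
    msg = b"pay 100 to Bob"  # constructed sample message
    sig = sign(msg, ALICE_PRIV)
    return {
        "genuine": verify(msg, sig, ALICE_PUB),
        "tampered": verify(b"pay 900 to Bob", sig, ALICE_PUB),
        # Signed with a different private key but presented as Alice's.
        "impostor": verify(msg, sign(msg, BOB_PRIV), ALICE_PUB),
        # Decrypts fine whoever sent it: confidentiality, not sender proof.
        "option_c": decrypt(encrypt(msg, BOB_PUB), BOB_PRIV),
    }

if __name__ == "__main__":
    print(demo())
```

Production code would use a vetted library with RSA-PSS for signatures and RSA-OAEP for encryption rather than raw modular exponentiation.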
As Mathew Bray explained, the good answer is B.
All the details are given at this Cisco Press web link:
http://www.ciscopress.com/articles/article.asp?p=1613315
PKI Prerequisite
To use PKI, a public/private key pair must first be established. Generally, the longer the key, the higher the level of security provided by that key.
A private key is simply a long string of characters, typically 512. As the name indicates, this key is not to be shared and must always be kept private.
The public key is public and distributed to anyone.
The public/private key pairs are simple to generate and the private key is (nearly) impossible to derive from the public key. Although any security algorithm can be broken given enough time and CPU cycles, longer keys make this task infeasible.
This is just an extract of this article
C is not the good answer because the public key/private key are a pair from only one person who can encrypt and decrypt the message.
Regards,
Bob
Per the listed reference: http://www.ciscopress.com/articles/article.asp?p=1613315
The sender of an encrypted message can encrypt the data but cannot decrypt the data after it has been encrypted. The recipient’s public key is used to encrypt the data. The data is sent to the recipient, and once it is received is decrypted with the recipient’s private key.
Answer C
http://www.cisco.com/en/US/tech/tk1132/technologies_white_paper09186a00800e79cb.shtml
Data that is encrypted with the public key can be decrypted with the private key, and vice versa (Scenarios 1 and 2). However, data encrypted with the public key cannot be decrypted with the public key (Scenario 3). The parties who need to encrypt their communications will exchange their public keys (contained in the certificate), but will not disclose their private keys. The sending party will use the public key of the receiving party to encrypt message data and forward the ciphertext (encrypted data) to the other party. The receiving party will then decrypt the ciphertext with their private key.
correct answer is C
I think answer B is wrong because if you could decrypt a message using the sender’s public key, anybody would decrypt any message because everybody knows public keys!! Right answer C.
Regards
Correct answer should be C. Sender will use the receiver’s public key to encrypt the message and then sender will use his private key to decrypt the message.
B would be correct! The public key is public and doesn’t authenticate anyone at all. If the sender encrypts a message using their private key, then a receiver can know that the message was indeed sent from the sender, as it can only be decrypted with the sender’s public key.
C is correct
The receiver will send to the sender its public key to encrypt the data to be sent. Once sent, only the receiver will be able to decrypt the data sent by the sender as the receiver was the only one who knows the private key to be used to decrypt the encrypted data. Private and public key pair.
In my opinion both B and C are saying the same thing but reversing who is sending the message to whom. Am I wrong? Please explain this to me.
WE WILL NEVER KNOW AHHAHAHAHAHAAHA
The key issue here is the “how do we verify the sender” which then means we are looking at signatures as opposed to encryption. With this being the case it will be B, as the sender needs to send something which uniquely identifies them. Intuitively we know that something that is known only to the sender is their PRIVATE key, and so they will be composing a message with their PRIVATE key – that message can then be decrypted by anyone with the sender’s PUBLIC key, but as the content of the message is not important nor sensitive that is ok. Please see Section 1.3 on Page 4 of this PDF http://www.cgi.com/files/white-papers/cgi_whpr_35_pki_e.pdf
If you look back to Section 1.2 you see the Encryption and Decryption – which relates to the scenario described by answer C, but the question isn’t asking about protecting the data in the message but is asking to verify the sender. Thereby making it Signature and Verification, which is answer B.
The correct answer is B.