Allen is using a security feature that ensures that if hackers want to compromise a private key, they will only be able to access data in transit protected by that key and not any future data because future data will not be associated with that compromised key?
Which security feature is he using?
A.
IPSec
B.
PGP
C.
SPKI
D.
PFS
Explanation:
PFS (Perfect Forward Secrecy) will ensure that the same key will not be generated again, so forcing a new diffie-hellman key exchange. Perfect forward secrecy (or PFS) is the property that ensures that a session key derived from a set of long-term public and private keys will not be compromised if one of the (long-term) private keys is compromised in the future. Forward secrecy has been used as a synonym for perfect forward secrecy, since the term perfect has been controversial in this context. However, at least one reference distinguishes perfect forward secrecy from forward secrecy with the additional property that an agreed key will not be compromised even if agreed keys derived from the same long-term keying material in a subsequent run are compromised.Answer option C is incorrect. Simple public key infrastructure (SPKI) does not deal with public authentication of public key information, that grew out of 3 independent efforts to overcome the complexities of X.509 and PGP’s web of trust. SPKI does not bind people to keys, since the key is what is trusted, rather than the person. SPKI does not use any notion of trust, as the verifier is also the issuer. This is called an ‘authorization loop” in SPKI terminology, where authorization is integral to its design.
Answer option B is incorrect. Pretty Good Privacy (PGP) is an encryption method that uses public- key encryption to encrypt and digitally sign e-mail messages during communication between e- mail clients. PGP is effective, easy to use. and free. Therefore, it is one of the most common ways to protect messages on the Internet.
Answer option A is incorrect. Internet Protocol Security (IPSec) is an Internet Protocol security standard. It is used to provide a general, policy-based IP layer security mechanism that is usedfor providing host-by-host authentication. IPSec policies can be defined as having security rules and settings that control the flow of inbound data,