In order to securely communicate using PGP, the sender of an email must do which of the following when sending an email to a recipient for the first time?
A.
Import the recipient’s public key
B.
Import the recipient’s private key
C.
Export the sender’s private key
D.
Export the sender’s public key
Explanation:
See step 4 below.
1. When a user encrypts plaintext with PGP, PGP first compresses the plaintext.
2. PGP then creates a session key, which is a one-time-only secret key.
3. This session key works with a very secure, fast conventional encryption algorithm to encrypt the plaintext; the result is ciphertext.
4. Once the data is encrypted, the session key is then encrypted to the recipient’s public key. This public key-encrypted session key is transmitted along with the
ciphertext to the recipient.
Incorrect Answers:
B: The recipient’s public key, not the private key, is used.
C, D: The sender’s key is not used.Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 251, 272-273
http://www.pgpi.org/doc/pgpintro/