DIGITAL SIGNATURES & KEY DISTRIBUTION
A digital signature must have the following properties: it must verify the author and the date and time of the signature; it must authenticate the contents at the time of the signature; and it must ________________________ to resolve disputes.
be verified by third parties
If encryption is done at the __________ level a key is needed for every pair of users or processes that require communication.
application
The term _____________________ refers to a digital signature scheme that involves only the communicating parties.
arbitrated digital signature
The __________ is formed by taking the hash of the message and encrypting the message with the creator's private key.
digital signature
If __________ is done at a network or IP level a key is needed for each pair of hosts on the network that wish to communicate.
end-to-end encryption
(t/f) A digital signature can guarantee the integrity but not the source of the message.
f
(t/f) A public-key certificate scheme alone does not provide the necessary security to authenticate the public key.
f
(t/f) The digital signature function does not include the authentication function.
f
(t/f) Typically the session key is used for the duration of a logical connection, such as a frame relay connection or transport connection, and then it is permanently stored.
f
If A and B each has an encrypted connection to a third party C, C can deliver a key on the encrypted links to A and B. A ______________________ is responsible for distributing keys to pairs of users as needed.
key distribution center
With a __________ attack the attacker is given access to a set of messages and their signatures.
known message
Session keys are transmitted in encrypted form using a ________________ that is shared by the key distribution center and an end system or user.
master key
Key distribution often involves the use of __________ which are infrequently used and are long lasting.
master keys
One of the most important uses of a __________ cryptosystem is to encrypt secret keys for distribution.
public key
Public-key encryption schemes are secure only if the authenticity of the __________ is assured.
public key
A __________ defines the procedures needed to revoke digital certificates.
public key infrastructure
A _____________________ is defined as the set of hardware, software, people, policies, and procedures needed to create, manage, store, distribute, and revoke digital certificates based on asymmetric cryptography.
public key infrastructure
The DSS makes use of the Secure Hash Algorithm and presents a new digital signature technique known as the ________________________.
Federal Information processing standard
The digital signature standard is a __________ standard that uses the secure hash algorithm.
NIST
The ____________________ attack is where the attacker chooses a list of messages before attempting to break the user's signature scheme, independent of the user's public key. The attacker then obtains from the user valid signatures for the chosen messages.
Generic chosen message
______________________ is the function that delivers a key to two parties who wish to exchange secure encrypted data.
Key distribution
__________ key encryption schemes are secure if the public key is authenticated.
Private
__________ is where the attacker forges a signature for a particular message chosen by the attacker.
Selective forgery
When the attacker finds an efficient signing algorithm that provides an equivalent way of constructing signatures on arbitrary messages, it is a __________ __________.
Universal forgery
Used in a variety of applications, _______ defines the format for public-key certificates.
X.509
The more frequently session keys are exchanged the more __________ they are because the opponent has less ciphertext to work with for any given session key.
secure
Communication between end systems is encrypted using a _________ key.
session
Key distribution often involves the use of _________ which are generated and distributed for temporary use between two parties.
session keys
(t/f) Each user must share a unique key with the key distribution center for purposes of key distribution.
t
(t/f) For symmetric encryption to work the two parties to an exchange must share the same key and that key must be protected from access by others.
t
(t/f) Frequent key changes are usually desirable to limit the amount of data compromised if an attacker learns the key.
t
(t/f) It must be computationally infeasible to forge a digital signature, either by constructing a new message for an existing digital signature or by constructing a fraudulent digital signature for a given message.
t
(t/f) Master keys can be distributed in some non-cryptographic way such as physical delivery.
t
(t/f) Message authentication protects two parties who exchange messages from any third party; however, it does not protect the two parties against each other.
t
(t/f) Some sort of mechanism or protocol is needed to provide for the secure distribution of keys.
t
(t/f) The most important development from the work on public-key cryptography is the digital signature.
t
(t/f) The topics of cryptographic key management and cryptographic key distribution are complex, involving cryptographic, protocol, and management considerations.
t
(t/f) Unlike RSA, the DSA cannot be used for encryption or key exchange.
t
A __________ is where the attacker determines the user's private key.
total break