DIGITAL SIGNATURES & KEY DISTRIBUTION

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

A digital signature must have the following properties: it must verify the author and the date and time of the signature; it must authenticate the contents at the time of the signature; and it must ________________________ to resolve disputes.

be verified by third parties

If encryption is done at the __________ level a key is needed for every pair of users or processes that require communication.

application

The term _____________________ refers to a digital signature scheme that involves only the communicating parties.

arbitrated digital signature

The __________ is formed by taking the hash of the message and encrypting the message with the creator's private key.

digital signature

If __________ is done at a network or IP level a key is needed for each pair of hosts on the network that wish to communicate.

end-to-end encryption

(t/f) A digital signature can guarantee the integrity but not the source of the message.

f

(t/f) A public-key certificate scheme alone does not provide the necessary security to authenticate the public key.

f

(t/f) The digital signature function does not include the authentication function.

f

(t/f) Typically the session key is used for the duration of a logical connection, such as a frame relay connection or transport connection, and then it is permanently stored.

f

If A and B each has an encrypted connection to a third party C, C can deliver a key on the encrypted links to A and B. A ______________________ is responsible for distributing keys to pairs of users as needed.

key distribution center

With a __________ attack the attacker is given access to a set of messages and their signatures.

known message

Session keys are transmitted in encrypted form using a ________________ that is shared by the key distribution center and an end system or user.

master key

Key distribution often involves the use of __________ which are infrequently used and are long lasting.

master keys

One of the most important uses of a __________ cryptosystem is to encrypt secret keys for distribution.

public key

Public-key encryption schemes are secure only if the authenticity of the __________ is assured.

public key

A __________ defines the procedures needed to revoke digital certificates.

public key infrastructure

A _____________________ is defined as the set of hardware, software, people, policies, and procedures needed to create, manage, store, distribute, and revoke digital certificates based on asymmetric cryptography.

public key infrastructure

The DSS makes use of the Secure Hash Algorithm and presents a new digital signature technique known as the ________________________.

Federal Information processing standard

The digital signature standard is a __________ standard that uses the secure hash algorithm.

NIST

The ____________________ attack is where the attacker chooses a list of messages before attempting to break the user's signature scheme, independent of the user's public key. The attacker then obtains from the user valid signatures for the chosen messages.

Generic chosen message

______________________ is the function that delivers a key to two parties who wish to exchange secure encrypted data.

Key distribution

__________ key encryption schemes are secure if the public key is authenticated.

Private

__________ is where the attacker forges a signature for a particular message chosen by the attacker.

Selective forgery

The attacker finds an efficient signing algorithm that provides an equivalent way of constructing signatures on arbitrary messages is a __________ __________ .

Universal forgery

Used in a variety of applications, _______ defines the format for public-key certificates.

X.509

The more frequently session keys are exchanged the more __________ they are because the opponent has less ciphertext to work with for any given session key.

secure

Communication between end systems is encrypted using a _________ key.

session

Key distribution often involves the use of _________ which are generated and distributed for temporary use between two parties.

session keys

(t/f) Each user must share a unique key with the key distribution center for purposes of key distribution.

t

(t/f) For symmetric encryption to work the two parties to an exchange must share the same key and that key must be protected from access by others.

t

(t/f) Frequent key changes are usually desirable to limit the amount of data compromised if an attacker learns the key.

t

(t/f) It must be computationally infeasible to forge a digital signature, either by constructing a new message for an existing digital signature or by constructing a fraudulent digital signature for a given message.t

t

(t/f) Master keys can be distributed in some non-cryptographic way such as physical delivery.

t

(t/f) Message authentication protects two parties who exchange messages from any third party, however, it does not protect the two parties against each other.

t

(t/f) Some sort of mechanism or protocol is needed to provide for the secure distribution of keys.

t

(t/f) The most important development from the work on public-key cryptography is the digital signature.

t

(t/f) The topics of cryptographic key management and cryptographic key distribution are complex, involving cryptographic, protocol, and management considerations.

t

(t/f) Unlike RSA, the DSA cannot be used for encryption or key exchange.

t

A __________ is where the attacker determines the user's private key.

total break


Ensembles d'études connexes

PSY 253 Chapter 6: Socioemotional Development

View Set

Intro to Business Chapter 14-16 2

View Set

Mental Health Test #1 EAQs: Chpt 1-9, 19

View Set

Energy Flow through Trophic Levels and Community Ecology

View Set