Which statement describes how the sender of the message is verified when asymmetric
encryption is used?
A.
The sender encrypts the message using the sender’s public key, and the receiver decrypts the
message using the sender’s private key.
B.
The sender encrypts the message using the sender’s private key, and the receiver decrypts the
message using the sender’s public key.
C.
The sender encrypts the message using the receiver’s public key, and the receiver decrypts the
message using the receiver’s private key.
D.
The sender encrypts the message using the receiver’s private key, and the receiver decrypts
the message using the receiver’s public key.
E.
The sender encrypts the message using the receiver’s public key, and the receiver decrypts the
message using the sender’s public key.
Explanation:
http://www.cisco.com/en/US/tech/tk1132/technologies_white_paper09186a00800e79cb.shtml
Public-Key Cryptography and Asymmetric Encryption
In asymmetric encryption, two different keys are used to render data illegible to anyone who may
be eavesdropping on a conversation. The certificates contain the two components of asymmetric
encryption: public key and private key.
Data that is encrypted with the public key can be decrypted with the private key, and vice versa.
However, data encrypted with the public key cannot be decrypted with the public key. The parties
who need to encrypt their communications will exchange their public keys (contained in the
certificate), but will not disclose their private keys. The sending party will use the public key of the
receiving party to encrypt message data and forward the cipher text (encrypted data) to the other
party. The receiving party will then decrypt the cipher text with their private key.
Data encrypted with the public key cannot be decrypted with the public key. This prevents
someone from compromising the cipher text after acquiring both public keys by eavesdropping on
the certificate exchange.
Here answer C is wrong and the correct answer is B.
Had it been in regards to the traffic then answer C was correct but here we are talking about the verification of the sender which can only be done if the sender encrypts with its private key and the receiver decrpyts it with sender’s public key.
Hence, option B is correct!
0
0
Lots of disagreement among various website test authorities on which answer is correct. It would seem (according to the literature I’ve read that a sender must use the receiver’s public key to do the encryption and then the receiver uses their own private key to do the decryption.
0
0