Company A sends a PGP encrypted file to company B. If company A used company B’s public key to
encrypt the file, which of the following should be used to decrypt data at company B?
A.
Registration
B.
Public key
C.
CRLs
D.
Private key
Explanation:
In a PKI the sender encrypts the data using the receiver’s public key. The receiver decrypts the data using
his own private key.
PKI is a two-key, asymmetric system with four main components: certificate authority (CA), registration
authority (RA), RSA (the encryption algorithm), and digital certificates. Messages are encrypted with a
public key and decrypted with a private key.
A PKI example:
You want to send an encrypted message to Jordan, so you request his public key.
Jordan responds by sending you that key.
You use the public key he sends you to encrypt the message.
You send the message to him.
Jordan uses his private key to decrypt the message.
Incorrect Answers:
A: Registration is not used to decrypt files. Key registration is the process of providing certificates to users
B: If the public key is used to encrypt the file, then we cannot use this public key to decrypt the file. We
need the private key.
The private and the public key are mathematically linked and make a key pair. You cannot use two public
keys to encrypt and decrypt the data.
C: CRLs are not used to decrypt files. A CRL is a database of revoked keys and certificates.Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis,
2014, pp. 279-285, 280-281, 285