Which of the following encrypt/decrypt steps provides the GREATEST assurance of achieving
confidentiality, message integrity and nonrepudiation by either sender or recipient?

A.
The recipient uses their private key to decrypt the secret key.

B.
The encrypted prehash code and the message are encrypted using a secret key.

C.
The encrypted prehash code is derived mathematically from the message to be sent.

D.
The recipient uses the sender’s public key, verified with a certificate authority, to decrypt the prehash
code.

Explanation:
Most encrypted transactions use a combination of private keys, public keys, secret keys, hash
functions and digital certificates to achieve confidentiality, message integrity and nonrepudiation by
either sender or recipient. The recipient uses the sender’s public key to decrypt the prehash code
into a posthash code, which when equaling the prehash code, verifies the identity of the sender
and that the message has not been changed in route; this would provide the greatest assurance.
Each sender and recipient has a private key known only to themselves and a public key, which can
be known by anyone. Each encryption/decryption process requires at least one public key and one
private key, and both must be from the same party. A single, secret key is used to encrypt the
message, because secret key encryption requires less processing power than using public and
private keys. A digital certificate, signed by a certificate authority, validates senders’ and recipients’
public keys.