Which of the following is NOT an issue with secret key cryptography?
A.
Compromise of the keys can enable the attacker to impersonate the
key owners and, therefore, read and send false messages.
B.
A networked group of m users with separate keys for each pair of
users will require m (m-1)/2 keys.
C.
Security of the certification authority.
D.
Secure distribution of the keys.
Explanation:
The CAis used in public key cryptography, not secret key cryptography.
A CA will certify that a public key actually belongs to a specific
individual and that the information associated with the
individual’s key is valid and correct. The CA accomplishes this certification
by digitally signing the individual’s public key and associated
information. The certification professes to another person who
wants to send a message to this individual using public key encryption
that the public key actually belongs to the intended individual.
The Consultation Committee, International Telephone and Telegraph,
International Telecommunications Union (CCITT-ITU)/
International Organization for Standardization (ISO) X.509 Authentication
framework defines a format for public key certificates. This
structure is outlined in Figure.Answer “A networked group of m users with separate keys for each pair of
users will require m (m-1)/2 keys” is an important issue in secret key cryptography; therefore it is
not the correct answer. If, among a network of m users, each user
wants to have secure communications with every other user on the network,
then there must be a secret key for each pair of potential users.
This concept can be illustrated with five users as shown in Figure.Thus, with five users, the number of independent keys is equal to (5 x
4)/2 or 10 as depicted by the ten connecting lines in Figure A.6.
*answer “Secure distribution of the keys” is incorrect since securely distributing the keys to all
users is, obviously, a very important requirement.
Answer d is incorrect since a compromise of the keys can, indeed,
enable the attacker to impersonate the key owners and, therefore,
read and send false messages.
