Two users need to securely share encrypted files via email. Company policy prohibits users from sharing credentials or exchanging encryption keys. Which of the
following can be implemented to enable users to share encrypted data while abiding by company policies?
A.
Key escrow
B.
Digital signatures
C.
PKI
D.
Hashing
I don’t see how digital signatures achieves this. It would help for non repudiation but not secure sharing.
PKI would allow them to securely email without giving credentials or the key. It works off of asymmetric encryption where the sender will have the private key and the receiver will automatically have the public key.
1
1
Alice encrypts a message with Bob’s public key then sends it. Only Bob’s private key can decrypt the message. How does Alice get Bob’s public key? She does not just magically have the thing. If he is not allowed to send her this key…I don’t see how it works.
I can only assume the question is supposed to say something about symmetric keys being exchanged.
0
0
I thought PKI was the answer as well.
0
0
A Digital Signature Certificate authenticates your identity electronically. … You can use Digital Signature Certificates for the following: For sending and receiving digitally signed and encrypted emails. For carrying out secure web-based transactions, or to identify other participants of web-based transactions.
4
0
that’s true, however the digital signature cannot do the encryption. So the “encrypted emails” part u mentioned still need to be done by PKI. Only after encryption, the sensitive data in the question can be shared through network.
2
0
i AGREE
2
0
Well I found this…
A digital certificate is an electronic document issued by a Certificate Authority (CA). It contains the public key for a digital signature and specifies the identity associated with the key, such as the name of an organization. The certificate is used to confirm that the public key belongs to the specific organization. The CA acts as the guarantor.
and several other places indicating that a public key is part of a digital signature. If someone is unable to send a public key directly, I suppose they can send a signature that contains the key.
Its still PKI, but I guess you have to find something to make the question worthy of the test.
0
1
Public key is a part of digital certificate, but not a part of digital signature. I don’t understand wt ur talking about.
0
0