Which of the following concepts is used by digital signatures to ensure integrity of the data?
A.
Non-repudiation
B.
Hashing
C.
Transport encryption
D.
Key escrow
Explanation:
Most digital signature implementations also use a hash to verify that the message has not been
altered, intentionally or accidently, in transit.
We have to be very careful in here and read the question properly so as to arrive to the correct answer.
The question is: Which of the following CONCEPTS is used by digital signatures to ensure integrity of the data?
• First, Hashing is NOT A CONCEPT. It is an ALGORITHM.
The key in public-key encryption is based on a hash value. This is a value that is computed from a base input number using a hashing algorithm. Essentially, the hash value is a summary of the original value. The important thing about a hash value is that it is nearly impossible to derive the original input number without knowing the data used to create the hash value.
First for some more definitions:
1—DIGITAL SIGNATURE: Is a digital code (generated and authenticated by public key encryption) which is attached to an electronically transmitted document to verify its contents and the sender’s identity.
To create a digital signature, signing software (such as an email program) creates a one-way hash of the electronic data to be signed. The private key is then used to encrypt the hash. The encrypted hash — along with other information, such as the hashing algorithm — is the digital signature.
2—NON REPUDIATION: Regarding digital security, the cryptological meaning and application of non-repudiation shifts to mean: A service that provides proof of the integrity and origin of data. An authentication that can be asserted to be genuine with high assurance. Non repudiation is therefore a PRINCIPLE which can be achieved by various means, and not just by Digital Signatures and hashing.
Since no security technology is absolutely fool-proof, some experts warn that a digital signature alone may not always guarantee nonrepudiation. It is suggested that multiple approaches be used, such as capturing unique biometric information and other data about the sender or signer that collectively would be difficult to repudiate.
In SHORT:
• Digital Signatures use hashes to ensure integrity of the data. This is how non-repudiation is achieved.
• If you try to put it the other way around is does not work
0
0