Joe is exchanging encrypted email with another party. Joe encrypts the initial email with a key. When Joe
receives a response, he is unable to decrypt the response with the same key he used initially. Which of the
following would explain the situation?
An ephemeral key was used for one of the messages
A stream cipher was used for the initial email; a block cipher was used for the reply
Out-of-band key exchange has taken place
Asymmetric encryption is being used
Asymmetric algorithms use two keys to encrypt and decrypt data. These asymmetric keys are referred to as the
public key and the private key. The sender uses the public key to encrypt a message, and the receiver uses the
private key to decrypt the message; what one key does, the other one undoes.Incorrect Answers:
A: An encryption key is called an ephemeral key if it is generated for each execution of a key establishment
process. In some cases ephemeral keys are used more than once, within a single session (e.g., in broadcast
applications) where the sender generates only one ephemeral key pair per message and the private key is
combined separately with each recipient’s public key.
C: An out-of-band key exchange one of the processes that can be used to establish the confidentiality of the
key used in symmetric encryption. Before the encrypted email is exchanged, the key needs to be established
outside of the exchange of the email.
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014,