PrepAway - Latest Free Exam Questions & Answers

In communications between two parties, encrypting the hash function of a message with a symmetric key algorith

In communications between two parties, encrypting the hash function
of a message with a symmetric key algorithm is equivalent to:

PrepAway - Latest Free Exam Questions & Answers

A.
Providing for secrecy of the message

B.
Generating a keyed Message Authentication Code (MAC)

C.
Generating a digital signature

D.
Generating a one-way function

Explanation:
A MAC is used to authenticate files between users. If the sender
and receiver both have the secret key, they are the only ones that can
verify the hash function. If a symmetric key algorithm is used to
encrypt the one-way hash function, then the one-way hash function
becomes a keyed MAC.
Answer “Generating a digital signature” is incorrect because a digital signature between two
parties
uses an asymmetric key algorithm. If a message is encrypted with the
sender’s private key, then only the sender’s public key can decrypt the
message. This proves that the message was sent by the sender since only
the sender knows the private key.
In practice, asymmetric key encryption is very slow, especially for
long messages. Therefore, a one-way hash of the message is
encrypted with the sender’s private key instead of encrypting the
complete message. Then, the message and the encrypted hash are
sent to a second party. The receiver takes the encrypted hash and
decrypts it with the sender’s public key. Then, the receiver takes the
hash of the message, using the same one-way hash algorithm as
the sender. The hash generated by the receiver is compared with the
decrypted hash sent with the message. If the two hashes are identical,
the digital signature is validated. Note that his method also will
reveal if the message was changed en route, since the hash calculated
by the receiver will, then, be different from the encrypted hash sent
along with the message.
Answer “Providing for secrecy of the message” is incorrect since encrypting the hash of the
message and sending the message in the clear does nothing to protect the confidentiality of the
message. Since the hash function is a one-way function,
the message cannot be recovered from its hash.
Answer “Generating a one-way function” is incorrect since encrypting a hash of a message is not
a one-way function. If it were, it would be of no use since no one would
be able to reverse the process and decrypt it.


Leave a Reply