PrepAway - Latest Free Exam Questions & Answers

Which of the following is NOT a key recovery method?


A.
A secret key or a private key is broken into a number of parts and each part is deposited with a
trustee agent. The agents can then provide their parts of the key to a central authority, when
presented with appropriate authorization. The key can then be reconstructed and used to decrypt
messages encrypted with that key.

B.
A message is encrypted with a session key and the session key is, in turn, encrypted with the
private key of a trustee agent. The encrypted session key is sent along with the encrypted message.
The trustee, when authorized, can then decrypt the message by recovering the session key with the
trustee’s public key.

C.
A message is encrypted with a session key. The session key, in turn, is broken into parts and each
part is encrypted with the public key of a different trustee agent. The encrypted parts of the session
key are sent along with the encrypted message. The trustees, when authorized, can then decrypt
their portion of the session key and provide their respective parts of the session key to a central
agent. The central agent can then decrypt the message by reconstructing the session key from the
individual components.

D.
A message is encrypted with a session key and the session key is, in turn, encrypted with the
public key of a trustee agent. The encrypted session key is sent along with the encrypted message.
The trustee, when authorized, can then decrypt the message by recovering the session key with the
trustee’s private key.

Explanation:
Encrypting parts of the session key with the private keys of the trustee agents provides no security
for the message since the message can be decrypted by recovering the key components of the
session key using the public keys of the respective agents. These public keys are available to anyone.
The other answers are valid means of recovering keys, since key recovery refers to permitting access
to encrypted messages under predefined circumstances. Two of these answers are also called key
encapsulation since the session key is encapsulated in the public keys of the trustee agents and,
therefore, can be decrypted only by these trustee agents with their private keys.

