312-50V10 · Question #174
Cryptography is the practice and study of techniques for secure communication in the presence of third parties (called adversaries). More generally, it is about constructing and analyzing protocols th
The correct answer is C. Secure Sockets Layer (SSL) use the asymmetric encryption both (public/private key pair) to. SSL/TLS uses asymmetric (public/private key pair) encryption during the handshake phase to authenticate the server and securely establish session keys.
Question
Cryptography is the practice and study of techniques for secure communication in the presence of third parties (called adversaries). More generally, it is about constructing and analyzing protocols that overcome the influence of adversaries and that are related to various aspects in information security such as data confidentially, data integrity, authentication, and non- repudiation. Modern cryptography intersects the disciplines of mathematics, computer science, and electrical engineering. Applications of cryptography include ATM cards, computer passwords, and electronic commerce. Basic example to understand how cryptography works is given below:
Which of the following choices true about cryptography?
Options
- AAlgorithm is not the secret; key is the secret.
- BPublic-key cryptography, also known as asymmetric cryptography, public key is for decrypt,
- CSecure Sockets Layer (SSL) use the asymmetric encryption both (public/private key pair) to
- DSymmetric-key algorithms are a class of algorithms for cryptography that use the different
How the community answered
(40 responses)- A8% (3)
- B3% (1)
- C73% (29)
- D18% (7)
Why each option
SSL/TLS uses asymmetric (public/private key pair) encryption during the handshake phase to authenticate the server and securely establish session keys.
While Kerckhoffs's principle ('the algorithm is not the secret; the key is the secret') is a recognized design principle, it is not a universally absolute rule - some proprietary systems do keep their algorithms secret, making this a best-practice guideline rather than an invariable fact.
In standard asymmetric cryptography, the public key is used to encrypt (or verify signatures) and the private key is used to decrypt (or sign) - this choice reverses that relationship, making it incorrect.
SSL/TLS relies on asymmetric encryption using a public/private key pair during the handshake to authenticate the server and securely exchange a symmetric session key. This use of asymmetric cryptography is a fundamental and verifiable design feature of SSL/TLS, enabling secure communication over untrusted public networks.
Symmetric-key algorithms use the same single shared key for both encryption and decryption - using different keys for each operation is the defining characteristic of asymmetric, not symmetric, algorithms.
Concept tested: SSL/TLS asymmetric encryption handshake mechanism
Source: https://learn.microsoft.com/en-us/windows-server/security/tls/tls-ssl-schannel-ssp-overview
Topics
Community Discussion
No community discussion yet for this question.