nerdexam
EC-Council

312-50V10 · Question #378

For messages sent through an insecure channel, a properly implemented digital signature gives the receiver reason to believe the message was sent by the claimed sender. While using a digital signature

The correct answer is D. Sender's private key. In a digital signature scheme, the sender encrypts the message digest with their own private key, allowing anyone with the sender's public key to verify authenticity and integrity.

Cryptography

Question

For messages sent through an insecure channel, a properly implemented digital signature gives the receiver reason to believe the message was sent by the claimed sender. While using a digital signature, the message digest is encrypted with which key?

Options

  • ASender's public key
  • BReceiver's private key
  • CReceiver's public key
  • DSender's private key

How the community answered

(45 responses)
  • A
    4% (2)
  • B
    2% (1)
  • D
    93% (42)

Why each option

In a digital signature scheme, the sender encrypts the message digest with their own private key, allowing anyone with the sender's public key to verify authenticity and integrity.

ASender's public key

Encrypting with the sender's public key would mean anyone could create the signature, completely defeating the purpose of proving sender identity.

BReceiver's private key

The receiver's private key is used for decrypting messages sent to them, not for verifying a sender's digital signature.

CReceiver's public key

Encrypting the digest with the receiver's public key would make it a confidentiality operation (only the receiver can decrypt), not a signature that proves sender identity.

DSender's private keyCorrect

The sender uses their private key to encrypt the message digest (hash), producing the digital signature. Because only the sender possesses their private key, this operation provides non-repudiation - proving the message originated from the claimed sender. The receiver decrypts the signature using the sender's publicly available public key and compares the result to a freshly computed hash of the received message to verify both authenticity and integrity.

Concept tested: Digital signature private key signing process

Source: https://csrc.nist.gov/publications/detail/fips/186/5/final

Topics

#digital signature#message digest#sender private key#asymmetric cryptography

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice