nerdexam
EC-Council

312-50V11 · Question #174

Cryptography is the practice and study of techniques for secure communication in the presence of third parties (called adversaries). More generally, it is about constructing and analyzing protocols th

The correct answer is C. Secure Sockets Layer (SSL) use the asymmetric encryption both (public/private key pair) to. SSL/TLS uses asymmetric encryption via a public/private key pair during the handshake to authenticate the server and negotiate session keys.

Cryptography

Question

Cryptography is the practice and study of techniques for secure communication in the presence of third parties (called adversaries). More generally, it is about constructing and analyzing protocols that overcome the influence of adversaries and that are related to various aspects in information security such as data confidentially, data integrity, authentication, and non- repudiation. Modern cryptography intersects the disciplines of mathematics, computer science, and electrical engineering. Applications of cryptography include ATM cards, computer passwords, and electronic commerce. Basic example to understand how cryptography works is given below:

Which of the following choices true about cryptography?

Options

  • AAlgorithm is not the secret; key is the secret.
  • BPublic-key cryptography, also known as asymmetric cryptography, public key is for decrypt,
  • CSecure Sockets Layer (SSL) use the asymmetric encryption both (public/private key pair) to
  • DSymmetric-key algorithms are a class of algorithms for cryptography that use the different

How the community answered

(34 responses)
  • A
    9% (3)
  • C
    85% (29)
  • D
    6% (2)

Why each option

SSL/TLS uses asymmetric encryption via a public/private key pair during the handshake to authenticate the server and negotiate session keys.

AAlgorithm is not the secret; key is the secret.

While Kerckhoffs's principle does state that the algorithm is not the secret and only the key is, this makes choice A a true statement rather than the best answer identifying a specific technology's cryptographic behavior.

BPublic-key cryptography, also known as asymmetric cryptography, public key is for decrypt,

In public-key cryptography the public key is used for encryption and the private key for decryption - not the reverse as implied by this choice.

CSecure Sockets Layer (SSL) use the asymmetric encryption both (public/private key pair) toCorrect

SSL/TLS employs asymmetric (public/private key) cryptography during the handshake phase to authenticate the server and securely exchange a symmetric session key. This hybrid approach uses the security of public-key cryptography for key establishment before switching to faster symmetric encryption for bulk session data transfer.

DSymmetric-key algorithms are a class of algorithms for cryptography that use the different

Symmetric-key algorithms use the same key for both encryption and decryption; using different keys for each operation is the defining trait of asymmetric, not symmetric, algorithms.

Concept tested: SSL/TLS use of asymmetric encryption in handshake

Source: https://learn.microsoft.com/en-us/windows-server/security/tls/tls-ssl-schannel-ssp-overview

Topics

#SSL#asymmetric encryption#public key infrastructure#cryptography fundamentals

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice