CDPSE · Question #230
What should a sender do to send a recipient a file of personal data using asymmetric encryption?
The correct answer is C. Recipient's public key is used to encrypt; recipient's private key is used to decrypt.. In asymmetric encryption, a sender encrypts data using the recipient's public key, and only the recipient can decrypt it using their corresponding private key.
Question
What should a sender do to send a recipient a file of personal data using asymmetric encryption?
Options
- ARecipient's private key is used to encrypt; recipient's public key is used to decrypt.
- BSender's public key is used to encrypt; recipient's public key is used to decrypt.
- CRecipient's public key is used to encrypt; recipient's private key is used to decrypt.
- DRecipient's private key is used to encrypt; sender's public key is used to decrypt.
How the community answered
(32 responses)- A6% (2)
- B3% (1)
- C91% (29)
Why each option
In asymmetric encryption, a sender encrypts data using the recipient's public key, and only the recipient can decrypt it using their corresponding private key.
Using the recipient's private key to encrypt is the basis for digital signatures proving sender identity, not for achieving confidentiality; anyone with the recipient's public key could then decrypt the message.
Encrypting with the sender's public key would mean only the sender could decrypt using their own private key, making the data inaccessible to the intended recipient.
Asymmetric encryption for confidentiality works by using the recipient's publicly available key to encrypt the data, ensuring only the recipient - who holds the matching private key - can decrypt it. This guarantees that even if the encrypted file is intercepted in transit, it cannot be read without the recipient's secret private key, which never needs to be shared.
Encrypting with the recipient's private key and decrypting with the sender's public key reverses the asymmetric model and produces a signature rather than a confidential message.
Concept tested: Asymmetric encryption - public key encryption for data confidentiality
Source: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r5.pdf
Topics
Community Discussion
No community discussion yet for this question.