CISSP · Question #1328
Which security service is served by the process of encryption plaintext with the sender's private key and decrypting cipher text with the sender's public key?
The correct answer is C. Identification. Encrypting with a sender's private key and decrypting with the sender's public key is the basis of digital signatures, which provides identification (authentication/non-repudiation) rather than confidentiality.
Question
Which security service is served by the process of encryption plaintext with the sender's private key and decrypting cipher text with the sender's public key?
Options
- AConfidentiality
- BIntegrity
- CIdentification
- DAvailability
How the community answered
(15 responses)- A7% (1)
- B7% (1)
- C87% (13)
Why each option
Encrypting with a sender's private key and decrypting with the sender's public key is the basis of digital signatures, which provides identification (authentication/non-repudiation) rather than confidentiality.
Confidentiality is achieved by encrypting with the recipient's public key so only the recipient's private key can decrypt it, not by using the sender's private key which anyone with the public key can decrypt.
Integrity is typically provided by hashing algorithms (e.g., SHA-256) that detect unauthorized modifications to data, not by asymmetric encryption with a private key.
When a sender encrypts data with their own private key, only the corresponding public key can decrypt it, which mathematically proves the message originated from the holder of that private key. This process is the foundation of digital signatures and provides identification (authentication and non-repudiation), confirming the identity of the sender. It does not protect the data from being read by others, since anyone with the public key can decrypt it.
Availability refers to ensuring systems and data are accessible when needed, which is addressed through redundancy, fault tolerance, and uptime measures, not through asymmetric encryption operations.
Concept tested: Asymmetric encryption roles: digital signatures vs confidentiality
Source: https://learn.microsoft.com/en-us/azure/security/fundamentals/encryption-overview
Topics
Community Discussion
No community discussion yet for this question.