CISSP · Question #1472
The use of private and public encryption keys is fundamental in the implementation of which of the following?
The correct answer is B. Secure Sockets Layer (SSL). SSL/TLS uses asymmetric cryptography (public/private key pairs) during the handshake to authenticate and exchange session keys, making it the primary protocol fundamentally built on public-key infrastructure.
Question
Options
- ADiffie-Hellman algorithm
- BSecure Sockets Layer (SSL)
- CAdvanced Encryption Standard (AES)
- DMessage Digest 5 (MD5)
How the community answered
(50 responses)- A2% (1)
- B94% (47)
- C4% (2)
Why each option
SSL/TLS uses asymmetric cryptography (public/private key pairs) during the handshake to authenticate and exchange session keys, making it the primary protocol fundamentally built on public-key infrastructure.
The Diffie-Hellman algorithm is a key-exchange method that allows two parties to derive a shared secret over an insecure channel using mathematical exponentiation, but it does not itself use pre-existing private/public key pairs in the same PKI sense - it generates ephemeral values rather than relying on asymmetric encryption keys.
SSL (Secure Sockets Layer) is fundamentally built on asymmetric (public/private key) cryptography: the server presents a certificate containing its public key, the client uses it to encrypt a pre-master secret or verify a key exchange, and the corresponding private key is used to decrypt it. This PKI-based handshake establishes a secure channel, making private and public key pairs central to SSL's design and operation.
AES (Advanced Encryption Standard) is a symmetric encryption algorithm, meaning it uses a single shared secret key for both encryption and decryption, with no concept of separate public and private keys.
MD5 (Message Digest 5) is a cryptographic hash function that produces a fixed-length digest from input data; it does not use encryption keys of any kind - public or private - as it is a one-way hashing algorithm, not an encryption scheme.
Concept tested: Asymmetric public/private key cryptography in SSL
Source: https://learn.microsoft.com/en-us/windows-server/security/tls/tls-ssl-schannel-ssp-overview
Topics
Community Discussion
No community discussion yet for this question.