CISSP · Question #588
Which of the following encryption types is used in Hash Message Authentication Code (HMAC) for key distribution?
The correct answer is A. Symmetric. HMAC uses symmetric encryption for key distribution, where the same shared secret key is used by both the sender and receiver to generate and verify the message authentication code.
Question
Which of the following encryption types is used in Hash Message Authentication Code (HMAC) for key distribution?
Options
- ASymmetric
- BAsymmetric
- CEphemeral
- DPermanent
How the community answered
(40 responses)- A90% (36)
- B3% (1)
- C5% (2)
- D3% (1)
Why each option
HMAC uses symmetric encryption for key distribution, where the same shared secret key is used by both the sender and receiver to generate and verify the message authentication code.
HMAC relies on symmetric key cryptography, where a single shared secret key is distributed between communicating parties and used in conjunction with a hash function (such as SHA-256 or MD5) to produce the authentication code. Both the sender and receiver must possess the same key to compute and validate the HMAC, which is the defining characteristic of symmetric encryption.
Asymmetric encryption uses a public/private key pair and is not used in HMAC; HMAC specifically requires a single shared secret key held by both parties, not separate keys for encryption and decryption.
Ephemeral refers to temporary keys generated for a single session (commonly in Diffie-Hellman key exchange), which describes a key lifecycle property rather than an encryption type used in HMAC.
Permanent is not a recognized encryption type in cryptography; it describes key longevity rather than any encryption algorithm or method used in HMAC operations.
Concept tested: HMAC symmetric key usage in authentication
Source: https://learn.microsoft.com/en-us/dotnet/standard/security/ensuring-data-integrity-with-hash-codes
Topics
Community Discussion
No community discussion yet for this question.