nerdexam
CompTIA

SY0-301 · Question #398

Which of the following concepts is used by digital signatures to ensure integrity of the data?

The correct answer is B. Hashing. Digital signatures use hashing to produce a fixed-length digest of data, and any modification to the data produces a different hash value, thereby detecting tampering and ensuring integrity. The hash is then encrypted with the sender's private key to form the signature.

General security concepts

Question

Which of the following concepts is used by digital signatures to ensure integrity of the data?

Options

  • ANon-repudiation
  • BHashing
  • CTransport encryption
  • DKey escrow

How the community answered

(51 responses)
  • A
    4% (2)
  • B
    92% (47)
  • C
    2% (1)
  • D
    2% (1)

Why each option

Digital signatures use hashing to produce a fixed-length digest of data, and any modification to the data produces a different hash value, thereby detecting tampering and ensuring integrity. The hash is then encrypted with the sender's private key to form the signature.

ANon-repudiation

Non-repudiation is a property that digital signatures provide (proving the sender cannot deny sending), but it is not the underlying cryptographic mechanism that ensures data integrity.

BHashingCorrect

When a digital signature is created, a hashing algorithm (such as SHA-256) generates a fixed-length digest of the data. The recipient independently hashes the received data and compares it to the decrypted digest; if they match, integrity is confirmed. Any alteration to the data - even a single bit - produces a completely different hash value, making tampering detectable.

CTransport encryption

Transport encryption protects data confidentiality in transit but is not the mechanism used within digital signatures to verify that data has not been altered.

DKey escrow

Key escrow is the practice of storing copies of cryptographic keys with a third party and has no role in verifying data integrity.

Concept tested: Hashing as the integrity mechanism in digital signatures

Source: https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-5.pdf

Topics

#hashing#digital signatures#data integrity#cryptographic concepts

Community Discussion

No community discussion yet for this question.

Full SY0-301 Practice