Digital Signatures

Question 1

How is the integrity of the message ensured when using public keys?

Answer 1

The use of digital signatures also known as checksums created with a private key

Question 2

When a digital signature is verified what can the recipient be sure of?

Answer 2

• It was sent from the person it says it was

- The message hasn’t changed

Question 3

What does a certification authority (CA) do?

Answer 3

They issue digitally signed public keys to ensure authenticity with a key signing service

Question 4

How does the CA work?

Answer 4

• User sends their private key to CA
• CA contacts user to verify their ID
• CA creates a hash of users key, combines it with his details and encrypts is with CA private key to create a users digitally signed public key.
• Any other user can use CA public key to verify user

Question 5

What is TLS?

Answer 5

Transport layer security

Question 6

What is SSL?

Answer 6

Secure socket layer

Question 7

How does TLS work?

Answer 7

Encrypted messages are sent. Each contains a message authentication code (MAC)

Question 8

With TLS, do the client and server exchange keys?

Answer 8

No they negotiate a common secret known as the master secret. All other key data is derived from this master secret. After the master secret is established a secure connection can be made