Using Cryptographic Protocols

Question 1

Delete where appropriate: in email Digital Signatures, the sender encrypts with their public/private key?
The sender’s/recipient’s public/private key decrypts.

Answer 1

the sender signs with the private key

the sender’s public key decrypts

Question 2

Delete where appropriate: in Email encryption, the recipients/sender
encrypts with the sender’s/recipient’s public/private key

The sender/recipient decrypts with the recipient’s/sender’s public/private key

Answer 2

to encrypt email, the sender encrypts the mail with the recipient’s public key.
the recipient’s private key decrypts (this is the same for website encryption)

Question 3

Digital Signatures provide what 3 key security goals

Answer 3

Authentication
Non-repudiation
Integrity

Question 4

What standard allows the emails to be encrypted and digitally signed using 3rd party authenticated certificates?

Answer 4

S/MIME (Secure Multipurpose Internet Mail Extensions)

Question 5

SSL and TLS handshakes require what to be issued to complete the handshake?

Answer 5

a certificate

Question 6

When two systems connect, what do they have to identify before any encryption starts happening?

Answer 6

A cipher suite

Question 7

What are the 3 primary cryptographic solutions do cipher suites provide?

Answer 7

Encryption
Authentication
Integrity

Question 8

A Crypto Module is hardware/software/firmware that implements ______ ______. To implement encryption, the module requires a xxx xxx xxx that is a XXXX XXXXX of algorithms

Answer 8

A Crypto Module is hardware/software/firmware that implements CRYPTOGRAPHIC FUNCTIONS. To implement encryption, the module requires a CRYPTO SERVICE PROVIDER that is a SOFTWARE LIBRARY of algorithms

Question 9

if you wanted to encrypt email traffic but cost was an issue which standard would you use?

Answer 9

PGP/OpenPGP. Because there is no obligation to pay licence fees