Does asymmetric cryptography provide integrity?
Hello everybody,
Does asymmetric cryptography provide integrity? The way I understand things at the moment is that if you encrypt a file with your private key, then other party must use your public key to decrypt. Seeing you're the only one with your private key, hasn't this provided integrity and non-repudiation?
Just wondered since I was doing a practice test for SY0-301 exam and came across this question:
Asymmetric cryptography is said to provide all but which of the following security services?
Thanks.
Does asymmetric cryptography provide integrity? The way I understand things at the moment is that if you encrypt a file with your private key, then other party must use your public key to decrypt. Seeing you're the only one with your private key, hasn't this provided integrity and non-repudiation?
Just wondered since I was doing a practice test for SY0-301 exam and came across this question:
Asymmetric cryptography is said to provide all but which of the following security services?
- Confidentiality
- Integrity
- Authentication
- Non-repudiation
Thanks.
Comments
-
Darril
Member Posts: 1,588
Does asymmetric cryptography provide integrity?
That's a pretty broad question. A digital signature uses asymmetric cryptography and it provides integrity but asymmetric cryptography is commonly used for encryption/decryption to provide confidentiality.
Compare it to this question: Does a farm provide soybeans? A soybean farm does, but all farms don't provide soybeans.The way I understand things at the moment is that if you encrypt a file with your private key, then other party must use your public key to decrypt. Seeing you're the only one with your private key, hasn't this provided integrity and non-repudiation?
Not exactly.
Integrity is provided by hashing and comparing hashes. What you've described is only encryption/decryption which provides confidentiality. You may like to check out this blog on Security+ cryptography topics.
Security+ Cryptography - Encryption, Hashing, Digital Signatures
Again though, if you use asymmetric cryptography with a digital signature, it provides much more. Specifically, a digital signature provides authentication, non-repudiation, and integrity. You may like to check out this blog on digital signatures.
Understanding a Digital Signature for Security Certifications
Just wondered since I was doing a practice test for SY0-301 exam and came across this question:
Asymmetric cryptography is said to provide all but which of the following security services?- Confidentiality
- Integrity
- Authentication
- Non-repudiation
I'm wondering if your practice test questions have any explanations. If not, you may find yourself memorizing the wrong answers.
Darril Gibson
Security+ blog
Security+ Tip Of Day -
CK121
Member Posts: 15 ■□□□□□□□□□
Thanks again Darril!
For one set of test questions the explanations are not really in detail. I wanted to buy your latest SY0-0301 test question book through Amazon UK but the only stockist I found at the time was in the USA - shipping would take too long and it wouldn't get here in time before my test. I don't have a kindle either so that wasn't an option either. I couldn't find it distributed in any other format unfortunately. -
slinuxuzer
Member Posts: 665 ■■■■□□□□□□
Check this out if you get bored. There is a 2008 version of this book now that I haven't looked at, but this one I found to be pretty good. It goes into a some really good specifics of Microsofts implementation, so it will help you to firm up on some of the concepts through explaining some of the practical applications.
Amazon.com: Microsoft® Windows ServerTM 2003 PKI and Certificate Security eBook: Microsoft Corporation, Brian Komar: Kindle Store