Does asymmetric cryptography provide integrity?

Hello everybody,

Does asymmetric cryptography provide integrity? The way I understand things at the moment is that if you encrypt a file with your private key, then other party must use your public key to decrypt. Seeing you're the only one with your private key, hasn't this provided integrity and non-repudiation?

Just wondered since I was doing a practice test for SY0-301 exam and came across this question:

Asymmetric cryptography is said to provide all but which of the following security services?

Confidentiality
Integrity
Authentication
Non-repudiation

Thanks.

Find more posts tagged with

Comments

Darril

CK121 wrote: »

Does asymmetric cryptography provide integrity?

That's a pretty broad question. A digital signature uses asymmetric cryptography and it provides integrity but asymmetric cryptography is commonly used for encryption/decryption to provide confidentiality.

Compare it to this question: Does a farm provide soybeans? A soybean farm does, but all farms don't provide soybeans.

CK121 wrote: »

The way I understand things at the moment is that if you encrypt a file with your private key, then other party must use your public key to decrypt. Seeing you're the only one with your private key, hasn't this provided integrity and non-repudiation?

Not exactly.

Integrity is provided by hashing and comparing hashes. What you've described is only encryption/decryption which provides confidentiality. You may like to check out this blog on Security+ cryptography topics.

Security+ Cryptography - Encryption, Hashing, Digital Signatures

Again though, if you use asymmetric cryptography with a digital signature, it provides much more. Specifically, a digital signature provides authentication, non-repudiation, and integrity. You may like to check out this blog on digital signatures.

Understanding a Digital Signature for Security Certifications

CK121 wrote: »

Just wondered since I was doing a practice test for SY0-301 exam and came across this question:

Asymmetric cryptography is said to provide all but which of the following security services?
Confidentiality

Integrity

Authentication

Non-repudiation

I'm wondering if your practice test questions have any explanations. If not, you may find yourself memorizing the wrong answers.

Darril Gibson
Security+ blog
Security+ Tip Of Day

CK121

Thanks again Darril!

For one set of test questions the explanations are not really in detail. I wanted to buy your latest SY0-0301 test question book through Amazon UK but the only stockist I found at the time was in the USA - shipping would take too long and it wouldn't get here in time before my test. I don't have a kindle either so that wasn't an option either. I couldn't find it distributed in any other format unfortunately.

slinuxuzer

Check this out if you get bored. There is a 2008 version of this book now that I haven't looked at, but this one I found to be pretty good. It goes into a some really good specifics of Microsofts implementation, so it will help you to firm up on some of the concepts through explaining some of the practical applications.

Amazon.com: Microsoft® Windows ServerTM 2003 PKI and Certificate Security eBook: Microsoft Corporation, Brian Komar: Kindle Store