Chapter 13 Digital Signatures

Questions and Answers

What is the purpose of a digital signature?

• To verify the date and time of the message
• To hide the contents of the message
• To encrypt the message
• To authenticate the creator of the message (correct)

What does the digital signature function include?

• Only message verification
• Both authentication and message verification (correct)
• Only authentication function
• Only encryption of the message

In a key-only attack, what does the attacker know?

• A set of messages and their signatures
• The creator's public key (correct)
• The creator's private key
• The date and time of the signature

What does a known message attack involve?

Choosing a list of messages to attempt to break the signature scheme (A)

What does a generic chosen message attack allow the attacker to do?

Choose messages before attempting to break the signature scheme (B)

How does message authentication protect parties exchanging messages?

By guaranteeing source and integrity of messages from third parties (C)

What is the purpose of performing the signature function first before an outer confidentiality function?

To allow a third party to view the message and its signature in case of dispute (B)

What technique is universally accepted to deal with threats related to the security of a sender's private key?

Utilizing digital certificates and certificate authorities (B)

What primary function is the Digital Signature Standard (DSS) designed to provide?

Only digital signature function (A)

In the RSA approach, what is encrypted using the sender's private key to form the signature?

The hash code of the message (D)

What is a fundamental difference between the Digital Signature Standard (DSS) and RSA approach?

DSS uses public-key techniques but cannot be used for encryption or key exchange (A)

What is the recommended technique for ensuring the security of the sender's private key if it is lost or stolen?

Using digital certificates and certificate authorities (C)

What is a key requirement for a digital signature?

Being easy to verify (B)

Which category does a secure hash function fall into for digital signatures?

Direct (B)

In a direct digital signature scheme, who are the parties involved?

Source and Destination only (A)

How is a digital signature formed in a direct digital signature scheme?

By encrypting the hash code of the message with the sender’s private key (B)

What can provide confidentiality in a digital signature along with the message and signature encryption?

Encrypting the entire message with a symmetric key (C)

Which aspect of a digital signature makes it computationally infeasible to forge?

Use of secure hash functions (D)