ICT2213 Applied Cryptography Lecture 11: Key Management (Key Distribution)
17 Questions
1 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to Lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

What is the primary purpose of public-key cryptography in key distribution?

  • To distribute secret keys securely between sender and receiver (correct)
  • To create a digital signature
  • To verify the identity of the sender
  • To encrypt the plaintext message

What is the purpose of a Public Key Infrastructure (PKI) in cryptography?

  • To encrypt messages using public keys
  • To authenticate users and devices
  • To manage and distribute public keys
  • To create and manage digital certificates (correct)

What is the main advantage of the Web-of-Trust model compared to the PKI model?

  • It is more secure
  • It is more user-friendly
  • It does not rely on trusted third parties (correct)
  • It is more scalable

What is the purpose of a certificate chain in a PKI system?

<p>To verify the authenticity of a public key (B)</p> Signup and view all the answers

What is the main problem with the PKI model mentioned in the text?

<p>It relies on trusted third parties (B)</p> Signup and view all the answers

What is the main purpose of symmetric encryption in the context of key management?

<p>To distribute secret keys securely (C)</p> Signup and view all the answers

Who can set up a trusted root CA?

<p>Both profit-making and non-profit organizations (D)</p> Signup and view all the answers

How do applications like web browsers typically handle root CA certificates?

<p>By hardcoding a list of presumed trusted root CAs (C)</p> Signup and view all the answers

Who certifies the public key of a root CA?

<p>The root CA itself through a self-signed certificate (D)</p> Signup and view all the answers

What is the main concern regarding trusting root CAs?

<p>Hardcoded root CAs may not always be trustworthy (A)</p> Signup and view all the answers

Why is it challenging to fully trust a self-signed certificate from a root CA?

<p>There is no way to verify the authenticity of a self-signed certificate (D)</p> Signup and view all the answers

What is the primary purpose of PKI (Public Key Infrastructure) in the context of HTTPS websites?

<p>To ensure users are visiting authentic and secure websites (B)</p> Signup and view all the answers

What percentage of phishing websites were reported to be using HTTPS in 2021?

<p>82% (D)</p> Signup and view all the answers

In the Web-of-Trust model, how can a public key be certified?

<p>Both B and C (B)</p> Signup and view all the answers

What is the potential risk associated with the Web-of-Trust model?

<p>Careless or malicious users can impact its security (C)</p> Signup and view all the answers

Which protocol implements the idea of Web-of-Trust for secure communications?

<p>PGP (D)</p> Signup and view all the answers

According to the 'Key continuity management' solution, how can a new public key be trusted?

<p>By trusting public keys that have been in use for a long time (A)</p> Signup and view all the answers

More Like This

Use Quizgecko on...
Browser
Open
Browser
Browser