ICT2213 Applied Cryptography Lecture 11: Key Management Quiz

Questions and Answers

What is the main purpose of public-key cryptography in the context of key distribution?

To verify the integrity of the message during transmission

To authenticate the identity of the sender and receiver

To distribute secret keys between the sender and receiver (correct)

To encrypt the message before sending it over a secure channel

What is the primary function of a Certification Authority (CA) in a public-key infrastructure (PKI)?

To verify the identity of users and issue digital certificates (correct)

To generate and distribute public and private keys

To provide encryption and decryption services for users

To maintain a centralized database of all public keys

What is the purpose of the certificate chain in a PKI?

To allow users to verify the authenticity of a public key (correct)

To enable the revocation of certificates in the hierarchy

To ensure that the root CA's public key is known to all users

To provide a secure way to distribute public keys

How does the Web-of-Trust model for public key certification differ from the PKI model?

The Web-of-Trust relies on users to directly certify the trustworthiness of public keys

What is the main drawback of the PKI model for public key certification?

The need for users to manually verify the certificate chain

What is the purpose of the root CA's public key in a PKI?

To verify the signatures of subordinate CAs

What organizations can set up CAs as mentioned in the text?

Any profit-making or non-profit organizations

How do applications like web browsers typically handle root CA certificates?

Hardcode a list of root CA certificates considered trusted

What is the method used for a root CA to certify itself?

Self-signed certificate

Why is it challenging to trust CAs based on the information provided?

Root CAs certify themselves

What is the common approach for applications like web browsers when it comes to trusting root CAs?

Hardcoding a predefined list of trusted CAs

What is the primary drawback of the Public Key Infrastructure (PKI) system mentioned in the text?

Users are unaware of the risks associated with PKI, allowing phishing websites to exploit this ignorance.

What is the fundamental principle behind the Web-of-Trust concept?

Anyone can certify a public key by signing it with their own private key.

What is the primary drawback of the Web-of-Trust model mentioned in the text?

Careless or malicious users can impact the security of the system.

What is the primary purpose of PGP (Pretty Good Privacy) key servers mentioned in the text?

To facilitate the distribution of PGP public keys without offering any trust.

What is the principle behind the Key Continuity Management approach mentioned in the text?

Trust public keys that have been in use for a long time, even if they are not certified.

In the context of the SSH login example provided, what is the appropriate action when presented with a new public key?

Verify the new public key through an out-of-band channel before proceeding.