Bob wants to ensure that Alice can check whether his message has been tampered with. He creates a checksum of the message and encrypts it using asymmetric cryptography. What key does Bob use to encrypt the checksum for accomplishing this goal?
Bob wants Alice to verify that the message hasn’t been tampered with. This is a use case for ensuring data integrity and authenticity. The process described matches the creation of a digital signature:
Bob computes a checksum (typically a cryptographic hash) of the message.
Then, he encrypts this checksum (hash) using his own private key.
Alice receives the message and decrypts the checksum using Bob’s public key.
If the decrypted checksum matches the hash she computes from the received message, she confirms the message’s integrity and authenticity.
This is a fundamental principle of digital signatures.
Incorrect Options:
A. Alice's private key is never used by others; it's confidential.
B. Encrypting with Alice’s public key ensures confidentiality, not authenticity.
D. Bob’s public key is used by the receiver to verify authenticity, not for encryption in this context.
Reference – CEH v13 Official Courseware:
Module 20: Cryptography
Section: “Digital Signatures”
Subsection: “Using Private Keys to Sign and Public Keys to Verify”
CEH Engage Lab: Email Signing and Verification
===========
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit