A software development team must send sensitive files to an external partner. The partner’s environment requires a solution that uses different keys for protecting content and verifying it is unchanged. Which method satisfies these requirements while also confirming that each file is genuine?
Create a shared secret and use it for both protection and confirmation
Store the data without concealment and rely on checksums to detect changes
Use public-key encryption together with digital signatures
Try a one-time pad and add a hash field for each file
Public-key encryption allows one key to encrypt the data and another key to decrypt it, ensuring confidentiality. A digital signature uses the private key to sign files. Recipients use the corresponding public key to verify signatures, confirming the sender’s identity and preventing tampering. A shared secret does not offer distinct encryption and verification capabilities. Checksums confirm data integrity but do not provide identity verification. A one-time pad plus a hash approach retains confidentiality but fails to confirm a trustworthy sender.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is public-key encryption, and how does it work?
Open an interactive chat with Bash
What is a digital signature, and how does it confirm data authenticity?
Open an interactive chat with Bash
Why are shared secrets or checksums insufficient compared to public-key encryption and digital signatures?