Exam SY0-601 topic 1 question 102 discussion

In order to verify the authenticity of a digital signature we need to encrypt the initial message with the sender's private key. The receiver then can verify the authenticity by decrypting the message with the sender's public key. https://docs.huihoo.com/globus/gt4-tutorial/ch09s03.html

There are 2 general ways to use asymetric algorithm. 1 - For communication between 2 hosts: If bob sends a message to Alice, bob uses Alice's public key to encrypt the message, and Alice uses her private key to decrypt the message. 2 - For digital signature/Authentication: If ALice need to authenticate Bob, BOB uses his private key to sign the message, and Alice uses the public key of bob to decrypt the message. This process help to make sure the signature is owned by Bob. On this example, A is totally correct.

C is the correct choice here. Sender encrypts with private key and the recipient has to decrypt using his own public key.

Trick question. It is asking for digital signatures, not for the en- and decryption of information that is confidential. And therefore the answer is A. The recipient can use the public key to confirm the identity of the sender.

A. the sender's private key and decrypted with the sender's public key.

B Asymmetric encryption uses two different keys, a public key for encryption and a private key for decryption

answer is B Asymmetric key algorithms use a public key for encryption and a private key for decryption. Examples include the RSA, Diffie-Hellman, El Gamal, and elliptic curve cryptography standards

Digital signatures work by proving that a digital message or document was not modified—intentionally or unintentionally—from the time it was signed. Digital signatures do this by generating a unique hash of the message or document and encrypting it using the sender's private key. The hash generated is unique to the message or document, and changing any part of it will completely change the hash. Once completed, the message or digital document is digitally signed and sent to the recipient. The recipient then generates their own hash of the message or digital document and decrypts the sender's hash (included in the original message) using the sender's public key. The recipient compares the hash they generate against the sender's decrypted hash; if they match, the message or digital document has not been modified and the sender is authenticated. https://www.cisa.gov/news-events/news/understanding-digital-signatures

I didn't expect they call the process of signing "encrypt"... So stupid and misleading. Everywhere I read the process of encryption is changing of clear-text data into hiden(encrypted) ciphertext so it can't be read without decryption.

From ChatGPT: The correct answer is B. the sender's public key and decrypted with the sender's private key. In digital signatures, the message is first hashed (using a cryptographic hash function) to generate a fixed-length digest. Then, this digest is encrypted with the sender's private key to create the signature. The recipient of the message can then verify the signature by decrypting it using the sender's public key, which should result in the same hash value. If the decrypted hash matches the hash value calculated from the received message, it confirms the integrity of the message and the authenticity of the sender. So, digital signatures use asymmetric encryption in such a way that the message is encrypted with the sender's private key and decrypted with the sender's public key for verification.

Digital signatures use asymmetric encryption, but when it comes to signing a message or file with a digital signature, the process is as follows: A. The sender's private key is used to encrypt the hash or digest of the message, and the recipient uses the sender's public key to decrypt the hash or digest and verify the authenticity of the signature. So, for digital signatures, the correct answer is A.

Digital signatures use asymmetric encryption. This means the message is encrypted with: A. the sender's private key and decrypted with the sender's public key. Most Voted B. the sender's public key and decrypted with the sender's private key. C. the sender's private key and decrypted with the recipient's public key. D. the sender's public key and decrypted with the recipient's private key. ChatGPT B. the sender's public key and decrypted with the sender's private key.

The purpose of using the sender's private key for encryption is to create a unique digital signature that can only be generated by the sender. This provides authenticity and non-repudiation, as only the sender possessing the corresponding private key can create a valid signature. The recipient can then decrypt the signature using the sender's public key to verify the integrity and authenticity of the message.

guys it's B the sender encrypts the message with your public key and you decrypt it by using your private key, your public key is shared with others, and they can not decrypt the message with your public key.

The key thing here is signature. You sign with your private key.

These answer choices are worded wrong. Asymmetric encryption uses two keys: public and private. Anything encrypted with the public key can only be decrypted with the matching private key. Anything encrypted with the private key can only be decrypted with the matching public key. For digital signatures, to send the message with encryption, you use the sender’s private key and decrypt the message with the sender’s public key.

asymmetric encryption Also called public key cryptography, a data encryption system that uses two mathematically derived keys to encrypt and decrypt a message—a public key, available to everyone, and a private key, available only to the owner of the key.