Exam CISSP topic 1 question 113 discussion

I would choose Asymmetric. I believe hashing is the same as message digest.

The question ask about "type of cryptography" - not hashing - that eliminates A & B You need Asymmetric cryptography for Nonrepudiation Sender encrypt message (digital signature) with private key and receive decrypt message with sender's public key. This validates integrity and Nonrepudiation. Note that Symmetric Nonrepduation does not provide Nonrepduation.

Symmetric encryption uses the same key to both encrypt and decrypt data, while asymmetric encryption uses two different keys for the same purpose. Symmetric encryption is faster and easier to use than asymmetric encryption, but it is less secure. With asymmetric, one can’t claim that the security with the data/info was compromised.

first message is hashing > MD, then is sending with the private user's key, first step is hashing

Asymmetric, public-private key pairs for communication between parties, supports scability, easykey distribution, an nonrepudiation.

Question ask for which crypto SUPPORTS NON-Repudiation on an Already created Digital Signature. MD is a output of a HASH. MD only support integrity. Only using Asym process to open the MD hash by the sender PUBLIC key, it can prove non repudiation. A digital signature is a block of data produced by hashing the message with a hashing algorithm that produces a message digest based on its content. Encrypting the message digest with the sender’s private key produces the digital signature. That digital signature is then appended to the original (unencrypted) message content and sent to the receiver. The receiver must then verify the digital signature by decrypting it with the sender’s public key and comparing the resultant plaintext with the message digest of the received message.

Answer is B: digitally signed document is already a process that uses Asymmetric is the message.. you need a digest to add the proof of origin and integrity of the message.

D. Asymmetric. Asymmetric cryptography uses a public-private key pair where the private key is kept secret by the signer. The signature is created using the private key, and anyone with access to the corresponding public key can verify the signature. This ensures that only the owner of the private key could have created the signature, providing a strong basis for non-repudiation.

Digitally signed document aka certificate. A certificate requires private and public keys (asymmetric). Answer is D

D. Asymmetric cryptography, also known as public-key cryptography, is the primary type of cryptography required to support non-repudiation of a digitally signed document.

Three primary types of cryptography: Symmetric, Asymmetric, Hashing. Digital signatures require both Hashing and Asymmetric cryptography, which narrows down to A or D. Then between A & D, the question becomes which one supports non-repudiation? I went with D because non-repudiation is the process of proving the integrity. Digital signature creation to the DOCUMENT is done by hashing with a hashing algorithm. Hashing is a pre-requisite. Digital signature verification is done through referencing (matching the hashes) using public and private keys - Asymmetric encryption.

One of the advantages of Asymmetric over Symmetric.

A. Hashing functions are extremely important to the use of public key cryptography. In particular, to the creation of digital signatures and digital certificates. A hash function is a one-way function that transforms a variable-length input into a unique, fixed-length output. You cannot reverse, therefore, it supports non-repudiation.

Hashing and MD are not types of cryptography and only Asymmetrical support non-repudiation. Hashing is also meant for integrity, not non-repudiation.

Hashing, specifically message digest algorithms, is the primary type of cryptography required to support non-repudiation of a digitally signed document. When a document is digitally signed, a hash function is applied to the document to produce a fixed-length value known as a message digest or hash. The message digest serves as a unique representation of the document's content. The signer then encrypts the message digest with their private key to create a digital signature. Verification of the signature involves recalculating the hash of the received document and comparing it to the decrypted digital signature using the signer's public key. If the recalculated hash matches the decrypted signature, it provides evidence that the document has not been tampered with since the signature was applied. Hashing ensures data integrity, as even a small change in the document would result in a significantly different hash value. This helps establish non-repudiation, as the signer cannot later deny their involvement since the signature is based on the unique hash value of the document.

So this is interesting, the question asks for non-repudiation in digital signatures, and in this case Asymmetric cryptography is correct. If it asked for audit logs, it seems that the answer would have been message digest, which was my original thought. In Linux we run md5sum to see the hash value which ensures the file has not been touched and therefore non-repudiation and integrity https://www.tutorialspoint.com/how-does-non-repudiation-help-in-cyber-security#

Hashing does not provide non-repudiation.