Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security CISSP-Discussion
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [CISSP-D] Symmetric Key and authentication.

from [Doug Landoll] Network Security [Permanent Link]
Subject: Re: [CISSP-D] Symmetric Key and authentication.
Date: Fri, 20 May 2005 04:25:27 -0000 
Be careful this is a bad approach to preparing for the CISSP exam. 
The CISSP prep books out there are a great tool for CISSP candidates 
and the books consolidate a lot of information. However, they are 
not free of errors. Do not rely on an answer just because it is in a 
book.

Symmetric encryption can provide authentication but only to the 
other party in the transaction. i.e., if you and I share a key and i 
receive a message encrypted in that key, then I KNOW it came from 
you. However, I cannot take that message and show it to someone else 
and convince them that the message came from you (since either you 
OR I could have encrypted it.)

This second type of authentication is called non-repudiation and can 
only be performed through asymetric encryption.

Note: Not all asymetric encryption can enforce non-repudiation. For 
example, Diffie-Hellman algorithm was designed for key exchange only 
and does not provide non-repudiation. (It was the El Gamal algorithm 
that extended D-H to provide non-repudiation.











--- In CISSP-Discuss@yahoogroups.com, Vijay Kumar <vijaychhipa@y...> 
wrote:

Manish
 
Your comments are in-line with what is logical. However the Shon 

Harris 

book mentioned that authentication can not be had with Symmetric 

only encryption.






 
Yahoo! Groups Links

<*> To visit your group on the web, go to:
    http://groups.yahoo.com/group/CISSP-Discuss/

<*> To unsubscribe from this group, send an email to:
    CISSP-Discuss-unsubscribe@yahoogroups.com

<*> Your use of Yahoo! Groups is subject to:
    http://docs.yahoo.com/info/terms/
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [CISSP-D] Re: question on studying, email2mno
Next by Date:  RE: [CISSP-D] System-high security mode vs Compartmented security mode, Connelly, Thomas J.
Previous by Thread:  Re: [CISSP-D] Symmetric Key and authentication., Doug Landoll
Next by Thread:  Re: [CISSP-D] Symmetric Key and authentication., Rand
Indexes:  [Date] [Thread] [Top] [All Lists]