Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security CISSP-Discussion
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [CISSP-D] Do Symmetric Key Algorithms provide authenticity?

from [PennGwyn] Network Security [Permanent Link]
Subject: Re: [CISSP-D] Do Symmetric Key Algorithms provide authenticity?
Date: Tue, 11 Jul 2006 23:09:36 -0700 
On 8 Jul 2006 at 19:17, Rabbani wrote:


Symmetric key algorithms can provide confidentiality but not 
authentication, says Shon Harris in her book, All In One CISSP exam 
guide (Page # 680, Quick Tips, Cryptography).

Whereas the SYBEX book, CISSP Study guide, by James, Ed and Mike 
says 'Authentication can be achieved by both symmetric and asymmetric 
cryptosystems.

Can any CISSPs advise on this.


  In an asymmetric key cryptosystem, each entity has its own private key 
which need never be shared, transmitted, or made available.  So successful 
participation in the cryptosystem implicitly authenticates each entity as 
the possessor of its unique private key.

  In a symmetric cryptosystem, a shared key must be distributed to all 
entities, with attendant risk that the key distribution process might get 
compromised.  An entitiy's knowledge of the shared key does not uniquely 
identify the entity.  A shared key system might be used to protect the 
exchange of further credentials, but does not by itself provide 
authentication.

  Symmetric key systems do not provide authentication, but their 
confidentiality may be used to secure a process that does -- the SYBEX 
authors may have had that in mind.

David Gillett, CISSP CCNP CCSE




 
Yahoo! Groups Links

<*> To visit your group on the web, go to:
    http://groups.yahoo.com/group/CISSP-Discuss/

<*> To unsubscribe from this group, send an email to:
    CISSP-Discuss-unsubscribe@yahoogroups.com

<*> Your use of Yahoo! Groups is subject to:
    http://docs.yahoo.com/info/terms/
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [CISSP-D] What is your weakest link?, Dan Swanson
Next by Date:  Re: [CISSP-D] Do Symmetric Key Algorithms provide authenticity?, bennettwang
Previous by Thread:  Re: [CISSP-D] Do Symmetric Key Algorithms provide authenticity?, Rob, grandpa of Ryan, Trevor, Devon & Hannah
Next by Thread:  Re: [CISSP-D] Do Symmetric Key Algorithms provide authenticity?, bennettwang
Indexes:  [Date] [Thread] [Top] [All Lists]