55. a. An archive for keying material (i.e., keys and initialization vectors) should provide both integrity and access control. When archived, keying material should be archived prior to the end of the crypto-period of the key. When no longer required, the keying material should be destroyed. A private signature key need not be archived because it is private, but it should be protected in a safe and secure location.

Both symmetric and public authentication keys should be archived until no longer required to authenticate the data. A symmetric master key should be archived until no longer needed to derive other keys.

56. What is a simpler alternative to a digital signature?

a. Hash function

b. Digital certificate

c. Handwritten signature

d. Certificate authority

56. a. A digital signature provides for nonrepudiation of origin. A simpler alternative to a digital signature is a hash function, where the message is indexed to a digest for integrity checking. It requires that both parties trust one another. However, it is of limited use because it does not provide for nonrepudiation of origin.

A digital certificate contains identification information about its holder. It includes a public key and a unique private key. Exchanging keys and certificates allows two parties to verify each other’s identities before communicating. A handwritten signature is similar to a digital signature in that it places a unique mark on a document that verifies the identity of the sender. A major problem with the handwritten signature is that it can be forged. A certificate authority is a third party that distributes public and private key pairs.

57. Which of the following need to be archived?

a. Domain parameters

b. Shared secrets

c. Random number generator seeds

d. Intermediate results

57. a. Domain parameters should be archived until all keying material, signatures, and signed data using the domain parameters are removed from the archive. The other three choices should not be archived due to their secrecy and because they are temporary in nature. One exception is that a shared secret is sometimes permanent as in a preshared key (PSK) for a site-to-site IPsec VPN.

58. If cryptographic key materials are compromised, the compromise recovery process can be relatively simple and inexpensive for which of the following?

a. Symmetric keys used by a single user

b. A certification authority’s private key

c. A key used to protect a large number of stored keys

d. Keys used by many users of large distributed databases

58. a. Where symmetric keys or private asymmetric keys are used to protect only a single user’s local information in communications between a single pair of users, the compromise recovery process can be relatively simple and inexpensive. The damage assessment and mitigation measures are often local matters. On the other hand, damage assessment can be complex and expensive where (i) a key is shared by or affects a large number of users, (ii) a certification authority’s (CA’s) private key is replaced, (iii) transport keys are widely used, (iv) keys are used by many users of large distributed databases, and (v) a key is used to protect a large number of stored keys.

59. The strength of all cryptographically based mechanisms lies in large part in which of the following?

a. The strength of the cryptographic algorithm

b. The protection provided to secret key material

c. The strength of the key size

d. The security of communication protocol

59. b. For all cryptographically based mechanisms, the strength of the mechanism lies partly in the strength of the cryptographic algorithm (including key size), partly in the security of any communication protocol, and in large part, in the protection provided to secret key material (i.e., keys and initialization vectors). A secret key is a symmetric key that is not made public and requires protection from disclosure.

60. Which of the following is not the recommended combination of authentication type key, digital signature key, and key establishment key respectively?

a. RSA 1024, RSA 2048, and DH 2048

b. ECDSA P-256, ECDSA P-256, and RSA 2048

c. RSA 1024, RSA 2048, and RSA 2048

d. ECDSA P-384, ECDSA P-384, and ECDH P-384
