Originally posted by Leo Liao: Which can be used for encryption? 1)X.509 2)Private key 3)Public key 4)Session key 5)Digital certificate 6)Message Digest
Correct answers are Private key, Public key and Session key. See defintions below. X.509 An internationally recognized standard for certificates that defines their required parts.
private key The secret half of a key pair used in a public key algorithm. Private keys are typically used to encrypt a symmetric session key, digitally sign a message, or decrypt a message that has been encrypted with the corresponding public key. public key A cryptographic key typically used when decrypting a session key or a digital signature. The public key can also be used to encrypt a message, guaranteeing that only the person with the corresponding private key can decrypt the message. session key A randomly-generated key that is used one time, then discarded. Session keys are symmetric (used for both encryption and decryption). They are sent with the message, protected by encryption with a public key from the intended recipient. digital certificate A digitally signed statement that contains information about an entity and the entity's public key, thus binding these two pieces of information together. A certificate is issued by a trusted organization (or entity) called a certification authority (CA) after the CA has verified that the entity is who it says it is. Certificates can contain different types of data. For example, an X.509 certificate includes the format of the certificate, the serial number of the certificate, the algorithm used to sign the certificate, the name of the CA that issued the certificate, the name and public key of the entity requesting the certificate, and the CA's signature. Message digest A fixed-size result obtained by applying a mathematical function (the hashing algorithm) to an arbitrary amount of data.
SCJP, SCJD, SCWCD, SCEA Part I
subject: A security question from Javacoding Mock Exam.