Chapter 14: Key Management and Distribution
Stallings
TRUE OR FALSE
T F 8. Each user must share a unique key with the key distribution center
for purposes of key distribution.
T F 12. The distribution of session keys delays the start of any exchange
and places a burden on network capacity.
MULTIPLE CHOICE
1. Key distribution often involves the use of __________ which are infrequently
used and are long lasting.
A. Message B. Management
C. Public D. Private
A. PKI B. CDC
C. HMAC D. KDC
5. Key distribution often involves the use of _________ which are generated and
distributed for temporary use between two parties.
A. session B. master
C. permanent D. message
Cryptography and Network Security: Principles and Practice, 6th Edition, by William
Stallings
9. The more frequently session keys are exchanged the more __________ they are
because the opponent has less ciphertext to work with for any given session
key.
A. insecure B. streamlined
C. secure D. obsolete
A. KDC B. IETF
C. PKI D. CRL
14. __________ indicates a restriction imposed as to the purposes for which, and
the policies under which, the certified public key may be used.
15. The __________ is the issuer of certificates and certificate revocation lists and
may also support a variety of administrative functions.
SHORT ANSWER
1. Key-distribution is the function that delivers a key to two parties who wish
to exchange secure encrypted data.
5. If encryption is done at the application level, a key is needed for every pair of
users or processes that require communication.
7. Session keys are transmitted in encrypted form using a master key that is
shared by the key distribution center and an end system or user.
10. Several techniques have been proposed for the distribution of public keys.
The proposals can be grouped into the following four general schemes:
public announcement, publicly available directory, public-key certificates,
and public-key authority.
11. A certificate consists of a public key, an identifier of the key owner, and the
whole block signed by a trusted third party and can be used by participants
to exchange keys without contacting a public key authority in a way that is as
reliable as if the keys were obtained directly from a public key authority.
12. X.509 certificates are used in most network security applications including
IP security, transport layer security and S/MIME.
13. The directory entry for each certification authority includes two types of
certificates: forward certificates and backward certificates.
14. Registration is the process whereby a user first makes itself known to a
certification authority prior to that certification authority issuing a certificate
for that user.
15. A repository is a generic term used to denote any method for storing
certificates and CRLs so that they can be retrieved by end entities.