Chapter 11 Β· Quiz

PKI Quiz

8 questions: multiple choice, matching, analysis, evaluation.

1. Bob wants to send an encrypted message that ONLY Alice can read. Which key should Bob use to encrypt?
Correct: C β€” Alice's public key. To encrypt a message for Alice, use Alice's public key. Only Alice's private key can decrypt it.
2. Which statement about asymmetric encryption is TRUE?
Correct: C. Public key encrypts, private key decrypts. A and B are false (different keys; private not derivable from public). D is false β€” asymmetric is slower.
3. Why is symmetric encryption still used despite its key distribution problem?
Correct: B. Symmetric is fast. This is why hybrid encryption uses asymmetric for the key exchange and symmetric for the actual bulk data β€” you get security from asymmetric and speed from symmetric.
4. An organization wants to ensure it can always access encrypted employee data even after an employee leaves. Which practice addresses this?
Correct: C β€” Key escrow. Storing copies of private keys in a secure vault ensures the organization can access data even when the original key holder is unavailable.
5. Which encryption model is used in TLS/HTTPS web connections?
Correct: C β€” Hybrid encryption. TLS uses asymmetric cryptography during the handshake to securely exchange a symmetric session key. Bulk data transfer uses that symmetric key for speed.
6. Matching β€” Match each concept to its correct description.

CONCEPT

Public Key
Private Key
Symmetric Key
Key Escrow

DESCRIPTION

Single shared secret used for both encryption and decryption
Must be kept strictly secret; used to decrypt messages encrypted with its pair
Storing copies of private keys with a trusted party for recovery purposes
Freely distributed; anyone can use it to encrypt messages to the owner
7. Analysis: An attacker intercepts an encrypted HTTPS connection. They capture the ciphertext AND the server's public key from its certificate. Can they decrypt the communication? Explain.
Model Answer:
No β€” they cannot decrypt the communication, for two reasons:

1. The session key is protected by asymmetric encryption. The symmetric session key was encrypted by the client using the server's public key. Only the server's private key can decrypt it. The attacker has the public key but not the private key β€” so they cannot recover the session key.

2. The actual data uses symmetric encryption. Even if the attacker somehow got the public key from the certificate, the data was encrypted with the symmetric session key (which the attacker also doesn't have). The public key cannot decrypt symmetric-encrypted data.

This is exactly why TLS is secure even when the server's certificate (and thus public key) is publicly visible β€” the public key is designed to be public. Security comes from the private key, which never leaves the server.
8. Evaluation: Some organizations resist implementing key escrow, calling it a "backdoor." Others argue it's a business necessity. Evaluate both positions.
Model Answer:
Against escrow: Key escrow concentrates risk. If the escrow system is compromised, an attacker gains access to all escrowed private keys and can decrypt all historical encrypted data. Employees may also distrust the organization if they know their "private" key isn't really private. From a cryptographic purist standpoint, true end-to-end encryption requires that only the sender and recipient have the keys.

For escrow: In business environments, encrypted data belongs to the organization β€” not just the individual. If an employee leaves, is incapacitated, or is under investigation, the organization needs to access that data. Data loss from a lost private key can be catastrophic and irreversible. Government regulations in some sectors may require it.

Verdict: Both positions have merit. The decision depends on the organization's risk model, regulatory environment, and trust architecture. If escrow is implemented, it must be protected with multi-person authorization, HSM storage, and full audit logging β€” not a simple file on a shared drive.