Certified Ethical Hacker (CEH v12) — Question 229

As a cybersecurity consultant for SafePath Corp, you have been tasked with implementing a system for secure email communication. The key requirement is to ensure both confidentiality and non-repudiation. While considering various encryption methods, you are inclined towards using a combination of symmetric and asymmetric cryptography. However, you are unsure which cryptographic technique would best serve the purpose. Which of the following options would you choose to meet these requirements?

Answer options

• A. Apply asymmetric encryption with RSA and use the private key for signing.
• B. Use the Diffie-Hellman protocol for key exchange and encryption.
• C. Apply asymmetric encryption with RSA and use the public key for encryption.
• D. Use symmetric encryption with the AES algorithm.

Correct answer: A

Explanation

Option A is correct because using RSA for asymmetric encryption allows for both confidentiality through encryption and non-repudiation via signing with the private key. Option B is incorrect as Diffie-Hellman is primarily for key exchange and does not provide non-repudiation. Option C only ensures confidentiality without non-repudiation, as it uses the public key for encryption. Option D does not meet the non-repudiation requirement since symmetric encryption does not involve key signing.