Certified Ethical Hacker (CEH v13) — Question 186

Dorian is sending a digitally signed email to Poly. With which key is Dorian signing this message and how is Poly validating it?

Answer options

• A. Dorian is signing the message with his public key, and Poly will verify that the message came from Dorian by using Dorian’s private key.
• B. Dorian is signing the message with Poly’s private key, and Poly will verify that the message came from Dorian by using Dorian’s public key.
• C. Dorian is signing the message with his private key, and Poly will verify that the message came from Dorian by using Dorian’s public key.
• D. Dorian is signing the message with Poly’s public key, and Poly will verify that the message came from Dorian by using Dorian’s public key.

Correct answer: C

Explanation

The correct answer is C because Dorian uses his private key to sign the message, which ensures that only he could have created the signature. Poly then uses Dorian's public key to validate the signature, confirming that the message indeed came from Dorian. The other options are incorrect as they either misuse the public/private key roles or suggest invalid key usage.