Certified Information Systems Security Professional (CISSP) — Question 409

Which algorithm gets its security from the difficulty of calculating discrete logarithms in a finite field and is used to distribute keys, but cannot be used to encrypt or decrypt messages?

Answer options

• A. Kerberos
• B. Digital Signature Algorithm (DSA)
• C. Diffie-Hellman
• D. Rivest-Shamir-Adleman (RSA)

Correct answer: C

Explanation

The Diffie-Hellman algorithm (C) is specifically designed for secure key exchange, relying on the difficulty of discrete logarithm problems. In contrast, Kerberos (A) is an authentication protocol, DSA (B) is primarily for digital signatures, and RSA (D) is used for both encryption and signing, making them unsuitable for the specific function of key distribution alone.