Exam 15: Cryptographic Key Management and Distribution

__________ is an integer value unique within the issuing CA that is unambiguously associated with this certificate.

X.509 is an important standard because the certificate structure and authentication protocols defined in X.509 are used in a variety of contexts.

A _________ is any method for storing and retrieving PKI-related information, such as public key certificates and CRLs.

X.509 dictates the use of a specific digital signature algorithm and a specific hash function.

If A and B each has an encrypted connection to a third party C, C can deliver a key on the encrypted links to A and B.A _________ center is responsible for distributing keys to pairs of users as needed.

the secure use of cryptographic key algorithms depends on the protection of the cryptographic keys.

A __________ attack is when a protocol is insecure against an adversary who can intercept messages and can either relay the intercepted message or substitute another message.

A key translation center generates and distributes session keys.

the _________ can be an end user; a device such as a router or server; a process; or any item that can be identified in the subject name of a public key certificate.

A certificate consists of a public key, an identifier of the key owner, and the whole block signed by a trusted third party.

Several techniques have been proposed for the distribution of public keys.the proposals can be grouped into the following four general schemes: public announcement, publicly available directory, public-key certificates, and ____________.

the heart of the X.509 scheme is the __________ certificate associate with each user.

__________ indicates a restriction imposed as to the purposes for which, and the policies under which, the certified public key may be used.

__________ refers to the means of delivering a key to two parties who wish to exchange data, without allowing others to see the key.

If __________ is done at a network or IP level a key is needed for each pair of hosts on the network that wish to communicate.

Because certificates are forgeable they cannot be placed in a directory without the need for the directory to make special efforts to protect them.

the principal objective for developing a _________ is to enable secure, convenient and efficient acquisition of public keys.

A __________ is a server or distributed set of servers that maintains a database of information about users.

One of the most important uses of a __________ cryptosystem is to encrypt secret keys for distribution.

the strength of any cryptographic system rests with the ___________ .