[Cisspstudy] cisspstudy Digest, Vol 19, Issue 16

gerritsjs gerritsjs at gmail.com
Tue Jan 19 20:32:13 EST 2010 

 

Clement, 

 

Agree, the question is not properly vetted and also agree that in ASYMMETRIC
the total number of keys is 20. 

 

Also, agree in symmetric the total number of keys is N(N-1)/2.

 

          

  _____  

From: cisspstudy-bounces at cccure.org [mailto:cisspstudy-bounces at cccure.org]
On Behalf Of Clement Dupuis
Sent: Tuesday, January 19, 2010 4:07 PM
To: The CISSP Study Mailing list
Cc: twitwicki at hannaford.com
Subject: Re: [Cisspstudy] cisspstudy Digest, Vol 19, Issue 16

 

Good day,

I agree with Tom that it seems like the questions were definitively not
vetted properly.

The total number of keys needed for asymmetric is simply total number of
users multiply by 2

10 users is 20 keys that would be created overall.  

If it was Symmetric then you would use the formula: total number of users X
total number of users minus one divided by two.     10 x (10-1)/2 which is
45 keys.

For the second question:  all the services would be provided using Digital
Signatures which can only be achieve within asymmetric crypto systems.
While creating the digital signature the hashing algorithm would be use.

Take care

Clement




On Tue, Jan 19, 2010 at 16:07, Nimal Gunarathna <ng949 at yahoo.com> wrote:


Hi Tom,

 

This question puzzles me..

In an asymmetric system how many keys are required for 10 users to fully
communicate?

 

Every user has a one private and a one public key. I can send my same public

key to all others. For 10 people, 20 keys are needed.. I am not sure how 110
come from?

Is this a private com session or just a different comm session with each
pair?

 

Thanks,

 

Nimal Gunarathna 

 

 

 

--- On Tue, 1/19/10, cisspstudy-request at cccure.org
<cisspstudy-request at cccure.org> wrote:


From: cisspstudy-request at cccure.org <cisspstudy-request at cccure.org>
Subject: cisspstudy Digest, Vol 19, Issue 16
To: cisspstudy at cccure.org
Date: Tuesday, January 19, 2010, 11:00 AM

Send cisspstudy mailing list submissions to
    cisspstudy at cccure.org <http://mc/compose?to=cisspstudy@cccure.org> 

To subscribe or unsubscribe via the World Wide Web, visit
    http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
or, via email, send a message with subject or body 'help' to
    cisspstudy-request at cccure.org
<http://mc/compose?to=cisspstudy-request@cccure.org> 

You can reach the person managing the list at
    cisspstudy-owner at cccure.org
<http://mc/compose?to=cisspstudy-owner@cccure.org> 

When replying, please edit your Subject line so it is more specific
than "Re: Contents of cisspstudy digest..."


Today's Topics:

   1. cisspstudy  - Cryptography questions (twitwicki at hannaford.com
<http://mc/compose?to=twitwicki@hannaford.com> )
   2. Re: New to CISSP Cert (Mark Price)
   3. Re: New to CISSP Cert (jack wang)
   4. Re: New to CISSP Cert (Jeronimo Zucco)


----------------------------------------------------------------------

Message: 1
Date: Mon, 18 Jan 2010 14:48:26 -0500
From: twitwicki at hannaford.com <http://mc/compose?to=twitwicki@hannaford.com>

To: cisspstudy at cccure.org <http://mc/compose?to=cisspstudy@cccure.org> 
Subject: [Cisspstudy] cisspstudy  - Cryptography questions
Message-ID:
    <OF8F407D94.BBDB76DE-ON852576AF.006B4314-852576AF.006CCD97 at hannaford.com
<http://mc/compose?to=OF8F407D94.BBDB76DE-ON852576AF.006B4314-852576AF.006CC
D97 at hannaford.com> >
    
Content-Type: text/plain; charset=US-ASCII



Hello all,
      I'd like your thoughts on these questions from Michael Gregg's CISSP
Practice questions:

In an asymmetric system how many keys are required for 10 users to fully
communicate?

A. 10
B. 20
C. 45
D 110

The answer states D. 110 -  "Each user would have his private, phus his
public key, plus each of the nine other public keys"
Shouldn't the answer be B. 20  because the public keys is only couned once
for each private/public pair?  This also seems consistent with the formula
for symmetric keys: N(N-1)/2 where N is the number of users needing to
communicate.  In this case the secret key is only counted once even if it's
shared between users.


Here's another question that has me puzzled:

Which cryptographic system can be used for integrity, authenticity and
non-repudiation?

A. Asymmetric encryption
B. Symmetric  encryption
C. Hashing
D. None of the above

The answers states A. Asymmetric.  Shouldn't the answer be D. None of the
above because Hashing is needed for integrity?

Your thoughts will be much appreciated.


Tom Witwicki, CIPP
Director, Information Security
Hannaford Bros. Co.
207-885-2073

Join me on Linkedin!
http://www.linkedin.com/in/tomwitwicki







------------------------------

Message: 2
Date: Mon, 18 Jan 2010 21:47:45 +0000
From: "Mark Price" <prinext at gmail.com
<http://mc/compose?to=prinext@gmail.com> >
To: "The CISSP Study Mailing list" <cisspstudy at cccure.org
<http://mc/compose?to=cisspstudy@cccure.org> >
Subject: Re: [Cisspstudy] New to CISSP Cert
Message-ID:
 
<1180962559-1263851266-cardhu_decombobulator_blackberry.rim.net-147941822- at b
da153.bisx.prod.on.blackberry
<http://mc/compose?to=1180962559-1263851266-cardhu_decombobulator_blackberry
.rim.net-147941822- at bda153.bisx.prod.on.blackberry> >
    
Content-Type: text/plain

I have heard each edition is an update of the previous plus more of the
latest technology and or standards. 
I have the 4th and the DVD set, they plus cccure.org worked for me.
V/r,

Mark Price
PRINEXT
c:240-743-7654
mprice at prinext.com <http://mc/compose?to=mprice@prinext.com> 
www.prinext.com

-----Original Message-----
From: Cert Prep <bugtraq.mailbox at gmail.com
<http://mc/compose?to=bugtraq.mailbox@gmail.com> >
Date: Mon, 18 Jan 2010 13:22:40 
To: The CISSP Study Mailing list<cisspstudy at cccure.org
<http://mc/compose?to=cisspstudy@cccure.org> >
Subject: Re: [Cisspstudy] New to CISSP Cert

Thanks Jeronimo. I will listen to it.

I have Shon Harris Second Edition which I bought many years back. I
have heard that 5th edition is about to come. Is it ok to prepare from
second edition until 5th edition is out? Does anybody know the
differences between 2nd and 4th? I am sure there will be many but are
those drastic to the extent that I will have to revise the stuff,
which I have already gone through using second edition, from 5th
edition once it is published?

Any help would be appreciated.

Thanks.
Adam

On Mon, Jan 18, 2010 at 12:51 PM, Jeronimo Zucco <jczucco at gmail.com
<http://mc/compose?to=jczucco@gmail.com> > wrote:
> 2010/1/18 Cert Prep <bugtraq.mailbox at gmail.com
<http://mc/compose?to=bugtraq.mailbox@gmail.com> >:
>> Hi Folks,
>>
>> I am planning to prepare for CISSP Cert and would like to know which
>> book or material is best for the preparations.
>
>
> http://www.cccure.org/flash/intro/player.html
>
>
>
> --
> Jeronimo Zucco
> http://jczucco.blogspot.com
>
> _______________________________________________
> cisspstudy mailing list
> cisspstudy at cccure.org <http://mc/compose?to=cisspstudy@cccure.org> 
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>

_______________________________________________
cisspstudy mailing list
cisspstudy at cccure.org <http://mc/compose?to=cisspstudy@cccure.org> 
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org

------------------------------

Message: 3
Date: Tue, 19 Jan 2010 20:05:00 +0800
From: jack wang <windjie at gmail.com <http://mc/compose?to=windjie@gmail.com>
>
To: The CISSP Study Mailing list <cisspstudy at cccure.org
<http://mc/compose?to=cisspstudy@cccure.org> >
Subject: Re: [Cisspstudy] New to CISSP Cert
Message-ID:
    <3c43566f1001190405t2bfd204as4a953dd160a5b92b at mail.gmail.com
<http://mc/compose?to=3c43566f1001190405t2bfd204as4a953dd160a5b92b@mail.gmai
l.com> >
Content-Type: text/plain; charset="iso-8859-1"

Shon Harris Second Edition,plus www.cccure.org,they are enough
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20100119/0d0b
7b8f/attachment-0001.html>

------------------------------

Message: 4
Date: Tue, 19 Jan 2010 10:34:19 -0200
From: Jeronimo Zucco <jczucco at gmail.com
<http://mc/compose?to=jczucco@gmail.com> >
To: The CISSP Study Mailing list <cisspstudy at cccure.org
<http://mc/compose?to=cisspstudy@cccure.org> >
Subject: Re: [Cisspstudy] New to CISSP Cert
Message-ID:
    <2d6b298c1001190434i6f1eb72ct1157b63b80fe9301 at mail.gmail.com
<http://mc/compose?to=2d6b298c1001190434i6f1eb72ct1157b63b80fe9301@mail.gmai
l.com> >
Content-Type: text/plain; charset=ISO-8859-1

All-in_one edition 5:

http://www.amazon.com/CISSP-All-One-Guide-Fifth/dp/0071602178/ref=sr_1_2?ie=
UTF8
<http://www.amazon.com/CISSP-All-One-Guide-Fifth/dp/0071602178/ref=sr_1_2?ie
=UTF8&s=books&qid=1263898897&sr=8-2> &s=books&qid=1263898897&sr=8-2

I always recommend the last edition, because of updates and
corretions. Or you can read all erratas for your edition.

2010/1/19 jack wang <windjie at gmail.com
<http://mc/compose?to=windjie@gmail.com> >:
> ?Shon Harris Second Edition,plus www.cccure.org,they are enough
>


-- 
Jeronimo Zucco
http://jczucco.blogspot.com



------------------------------

_______________________________________________
cisspstudy mailing list
cisspstudy at cccure.org <http://mc/compose?to=cisspstudy@cccure.org> 
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org


End of cisspstudy Digest, Vol 19, Issue 16
******************************************


_______________________________________________
cisspstudy mailing list
cisspstudy at cccure.org
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20100119/201df153/attachment-0001.html>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: CS 294  Network Security.txt
URL: <http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20100119/201df153/attachment-0001.txt>

More information about the cisspstudy mailing list