Which of the following is used to verify data integrity?
Correct Answer: A
SHA stands for “secure hash algorithm”. SHA-1 is the most widely used of the existing SHA hash functions, and is employed in several widely used applications and protocols
including TLS and SSL, PGP, SSH, S/MIME, and IPsec. It is used to ensure data integrity.
A hash value (or simply hash), also called a message digest, is a number generated from a string of text. The hash is substantially smaller than the text itself, and is generated by a
formula in such a way that it is extremely unlikely that some other text will produce the same hash value.
Hashes play a role in security systems where they’re used to ensure that transmitted messages have not been tampered with. The sender generates a hash of the message, encrypts
it, and sends it with the message itself. The recipient then decrypts both the message and the hash, produces another hash from the received message, and compares the two
hashes. If they’re the same, there is a very high probability that the message was transmitted intact. This is how hashing is used to ensure data integrity.
B: In cryptography, Triple DES (3DES) is the common name for the Triple Data Encryption Algorithm (TDEA or Triple DEA) symmetric-key block cipher, which applies the Data
Encryption Standard (DES) cipher algorithm three times to each data block. 3DES is used to encrypt data, not to verify data integrity.
C: AES (Advanced Encryption Standard) has been adopted by the U.S. government and is now used worldwide. It supersedes the Data Encryption Standard (DES) which was
published in 1977. The algorithm described by AES is a symmetric-key algorithm, meaning the same key is used for both encrypting and decrypting the data. AES is used to encrypt
data, not to verify data integrity.
D: RSA encryption is used for encrypting data in transit. RSA involves a public key and a private key. The public key can be known by everyone and is used for encrypting messages.
Messages encrypted with the public key can only be decrypted in a reasonable amount of time using the private key. RSA is used to encrypt data, not to verify data integrity.
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 250, 251, 255-256