CISSP PRACTICE QUESTIONS – 20210403

Effective CISSP Questions

Which of the following is the best cryptographic function used to enforce confidentiality? (Wentz QOTD)
A. One-time pad (OTP)
B. RSA Digital Signature Algorithm
C. Time-based One-Time Password (TOTP)
D. Hash-based Message Authentication Codes (HMAC)

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is A. One-time pad (OTP).

The one-time pad and the one-time password share the acronym OTP, but they are different and not related at all. The one-time pad is a symmetric cipher that entails a random secret key, while the one-time password is a dynamically generated password that is valid for only one specific login session.

  • RSA Digital Signature Algorithm produces the digital signature that enforces non-repudiation.
  • Time-based One-Time Password (TOTP) is a one-time password that relies on time as one of the generation algorithm’s input parameters.
  • The Hash-based Message Authentication Code (HMAC) relies on a hash function and a shared key to calculate a message authentication code that validates authenticity.
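
The difference between three of the options, as an added Python example that is not part of the original post: only the one-time pad turns the message into ciphertext, while TOTP yields a login code and HMAC yields a tag over a message that stays readable. The function names and the sample message are assumptions made for illustration; the TOTP routine follows RFC 6238 with HMAC-SHA-1.

```python
import hashlib
import hmac
import secrets
import struct


def otp_xor(key: bytes, data: bytes) -> bytes:
    """One-time pad: XOR the data with a random key of the same length.

    The same call encrypts and decrypts. The key must be truly random,
    kept secret, and never reused for a second message.
    """
    if len(key) != len(data):
        raise ValueError("pad must be exactly as long as the message")
    return bytes(k ^ d for k, d in zip(key, data))


def totp(secret: bytes, unix_time: int, digits: int = 6, step: int = 30) -> str:
    """Time-based one-time password (RFC 6238): time is an input."""
    counter = struct.pack(">Q", unix_time // step)  # 30-second time window
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation from RFC 4226
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def hmac_tag(key: bytes, message: bytes) -> bytes:
    """HMAC: hash function plus shared key gives an authenticity tag."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify_tag(key: bytes, message: bytes, tag: bytes) -> bool:
    """Constant-time check that the tag matches the message."""
    return hmac.compare_digest(hmac_tag(key, message), tag)


if __name__ == "__main__":
    message = b"meet at gate 7"            # constructed sample message
    pad = secrets.token_bytes(len(message))
    ciphertext = otp_xor(pad, message)     # confidentiality: unreadable
    print("one-time pad :", ciphertext.hex(), "->", otp_xor(pad, ciphertext))

    shared = b"12345678901234567890"       # constructed shared secret
    print("TOTP         :", totp(shared, 59))  # a login code, not a cipher
    tag = hmac_tag(shared, message)        # message itself stays in clear
    print("HMAC         :", message, tag.hex()[:16], verify_tag(shared, message, tag))
```
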

