Advanced Placement (AP) Computer Science

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the AP Computer Science Exam with our comprehensive quiz. Use our flashcards and multiple-choice questions to test your knowledge and uncover valuable hints. Get exam-ready today!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

What is one major limitation of the Diffie-Hellman-Merkle method?

  1. Lack of key generation speed

  2. Inability to handle large datasets

  3. Lack of authentication

  4. Inability to encrypt messages effectively

The correct answer is: Lack of authentication

The Diffie-Hellman-Merkle method is widely used for secure key exchange over an insecure channel. However, it has a significant limitation in that it does not provide a mechanism for authentication of the communicating parties. This means that while the method allows two parties to generate a shared secret key that can be used for encryption, it does not verify whether the parties involved in the exchange are who they claim to be. As a result, it is vulnerable to man-in-the-middle attacks, where an attacker could intercept the communication and potentially establish a shared key with one or both parties without their knowledge. Without authentication, users must rely on additional methods to ensure that they are communicating with the intended party rather than an impostor. In real-world applications, this is often addressed by incorporating additional protocols or techniques, such as digital signatures, to authenticate the identities of the parties involved in the key exchange process. The other choices highlight aspects that, while relevant, do not directly address a core limitation of the Diffie-Hellman-Merkle method itself. The method's key generation speed is generally adequate for practical use, and it is designed specifically for key exchange rather than the encryption of messages or handling large datasets.

More Questions Like This