WGU Introduction-to-Cryptography Exam Dumps

Nonrepudiation aims to prevent a party from later denying having performed an action, such as sending a message, approving a transaction, or signing a document. In cryptographic systems, nonrepudiation is typically supported by digital signatures, audit logs, and trusted time-stamping: if a message is signed with a private key and verified with the corresponding public key (often bound to an identity via a certificate), the signer can be held accountable for that signed content. This creates evidence that can be used for dispute resolution, compliance, and legal or contractual enforcement. Nonrepudiation is distinct from confidentiality (keeping data secret) and from access control (preventing unauthorized use). While authentication (verifying identity) is related and often a prerequisite, the defining goal is accountability---ensuring that actions can be attributed to entities in a way that is difficult to dispute later. Effective nonrepudiation also depends on secure private key management, certificate validation, and procedures that show the key was under the signer's control at the time. Therefore, the correct answer is holding parties accountable for their actions and transactions.

Asymmetric encryption (also called public key cryptography) uses a pair of mathematically related keys: a public key and a private key. One key is used to encrypt, and the other is used to decrypt, which is the defining ''different keys'' property asked in the question. In the common confidentiality use case, a sender encrypts a message using the recipient's public key, and only the recipient can decrypt it using their private key. This solves the key distribution problem inherent in symmetric encryption, where both parties must securely share the same secret key in advance. Asymmetric systems also enable digital signatures: the private key signs (creates a signature) and the public key verifies it, providing authenticity and integrity. Symmetric encryption, by contrast, uses the same shared key for both encryption and decryption (even though internal round keys may exist, it is still one shared secret). ''Private key'' alone is not a full encryption type, and ''secure'' is a generic description rather than a cryptographic category. Therefore, the correct answer is D. Asymmetric.

Lightweight cryptography is designed for constrained environments---devices with limited CPU, memory, storage, bandwidth, and power (battery). Examples include IoT sensors, smart locks, RFID tags, embedded controllers, and industrial devices. Administrators choose lightweight algorithms and protocols to maintain reasonable security while fitting strict resource budgets and real-time constraints. The goal is not ''weaker security because data is unimportant,'' but rather efficient security that can still meet threat models under constraints. Option B captures this: embedded systems often cannot afford the computational cost of heavy cryptographic primitives (large key sizes, complex modes, frequent handshakes) or may struggle with latency and energy consumption. Option A is irrelevant because physical security of a desktop doesn't remove the need for cryptography in communications or storage. Option C is the opposite of lightweight design. Option D is a poor justification; security design should be based on risk, and lightweight cryptography is not merely for ''minimal protection,'' but for practical deployability under constraints. Therefore, the correct reason is limited resources on embedded systems.

HMAC (Hash-based Message Authentication Code) is a standard mechanism used to verify both integrity and authenticity of a message when two parties share a secret key. It combines a cryptographic hash function (such as SHA-256) with a secret key in a structured way that resists common attacks on nave keyed-hash constructions. The sender computes an HMAC tag over the message and transmits the message plus tag. The receiver recomputes the HMAC using the same shared secret key and compares the result; if the tag matches, the receiver can be confident the message was not modified in transit and that it came from someone who knows the shared key. AES is an encryption algorithm primarily providing confidentiality; it can provide integrity only when used in authenticated modes (e.g., GCM) but ''AES'' alone is not the integrity component. An IV helps randomize encryption but does not validate integrity. TKIP is a legacy WLAN protocol component, not the general integrity verifier. Therefore, the correct component for verifying message integrity among the options is HMAC.

Bitcoin's supply is controlled by protocol rules enforced by consensus: new bitcoins enter circulation through the block subsidy awarded to miners for producing valid blocks. This subsidy is programmed to halve at fixed intervals (every 210,000 blocks), which steadily reduces the rate of new coin creation over time and asymptotically approaches a capped total supply (commonly cited as 21 million BTC). This mechanism is often called the halving schedule and is the primary way limits are managed. The number of participants is not fixed; anyone can run a node or mine. There is no per-country cap and no per-person maximum enforced by the protocol---addresses and ownership are not limited that way. The supply cap emerges from the decreasing issuance schedule combined with consensus validation rules that reject blocks creating coins beyond what the schedule allows. Therefore, the correct answer is that limits are managed because rewards for mining reduce over time.