You are designing a mobile chat application. You want to ensure people cannot spoof chat messages, by providing a message were sent by a specific user. What should you do?
Choose an answer
Tap an option to check your answer.
Correct answer: Use public key infrastructure (PKI) to encrypt the message client side using the originating user's private key..
Why this is the answer
To prevent message spoofing and ensure authenticity, you need a mechanism to prove the sender's identity. Using Public Key Infrastructure (PKI) to encrypt the message client-side with the originating user's private key achieves this through digital signatures. The recipient (or server) can then use the sender's public key to decrypt and verify the signature. If decryption is successful, it confirms the message originated from the holder of that private key. Tagging messages client-side with user identifiers is easily spoofed as the tag can be altered. Encrypting with a shared key provides confidentiality but doesn't guarantee authenticity, as anyone with the shared key could send messages. SSL connectivity ensures secure transport but doesn't inherently prevent a malicious client from spoofing the sender's identity within the application layer.
Pass your exam — without the endless answer hunt
Get every verified question and explanation for this exam in one place, and save hours of prep. 1,000+ certifications · 20+ languages · free to start.
Pass your exam faster → No card needed