Certified Ethical Hacker (CEH v12) — Question 156

You are the chief security officer at AlphaTech, a tech company that specializes in data storage solutions. Your company is developing a new cloud storage platform where users can store their personal files. To ensure data security, the development team is proposing to use symmetric encryption for data at rest. However, they are unsure of how to securely manage and distribute the symmetric keys to users. Which of the following strategies would you recommend to them?

Answer options

• A. Use hash functions to distribute the keys.
• B. Use HTTPS protocol for secure key transfer.
• C. Use digital signatures to encrypt the symmetric keys.
• D. Implement the Diffie-Hellman protocol for secure key exchange.

Correct answer: D

Explanation

The correct answer is D because the Diffie-Hellman protocol allows two parties to securely exchange cryptographic keys over a public channel. Option A is incorrect as hash functions do not facilitate key distribution; they only produce a fixed-size hash of the data. Option B, while HTTPS is essential for securing data in transit, it doesn't specifically address key distribution. Option C is wrong since digital signatures are used for authentication, not for encrypting keys.