Certified Ethical Hacker (CEH v12) — Question 159

You are a cybersecurity professional managing cryptographic systems for a global corporation. The company uses a mix of Elliptic Curve Cryptography (ECC) for key exchange and symmetric encryption algorithms for data encryption. The time complexity of ECC key pair generation is O(n^3), where 'n' is the size of the key. An advanced threat actor group has a quantum computer that can potentially break ECC with a time complexity of O((log n)^2). Given that the ECC key size is 'n=512' and varying symmetric encryption algorithms and key sizes, which scenario would provide the best balance of security and performance?

Answer options

• A. Data encryption with AES-128: Provides moderate security and fast encryption, offering a balance between the two.
• B. Data encryption with AES-256: Provides high security with better performance than 3DES, but not as fast as other AES key sizes.
• C. Data encryption with 3DES using a 168-bit key: Offers high security but slower performance due to 3DES's inherent inefficiencies.
• D. Data encryption with Blowfish using a 448-bit key: Offers high security but potential compatibility issues due to Blowfish's less widespread use.

Correct answer: B

Explanation

The correct answer is B because AES-256 offers a strong level of security while maintaining reasonable performance, making it suitable against advanced threats. Option A, while fast, does not provide as much security, while C suffers from performance issues and D may encounter compatibility problems despite its strong security.