Certified Ethical Hacker (CEH v12) — Question 163
You are the lead cybersecurity analyst at a multinational corporation that uses a hybrid encryption system to secure inter-departmental communications. The system uses RSA encryption for key exchange and AES for data encryption, taking advantage of the strengths of both asymmetric and symmetric encryption. Each RSA key pair has a size of 'n' bits, with larger keys providing more security at the cost of slower performance. The time complexity of generating an RSA key pair is O(n^2), and AES encryption has a time complexity of O(n). An attacker has developed a quantum algorithm with time complexity O((log n)^2) to crack RSA encryption. Given 'n=4000' and variable 'AES key size', which scenario is likely to provide the best balance of security and performance?
Answer options
- A. AES key size=128 bits: This configuration provides less security than option A, but RSA key generation and AES encryption will be faster.
- B. AES key size=256 bits: This configuration provides a high level of security, but RSA key generation may be slow.
- C. AES key size=192 bits: This configuration is a balance between options A and B, providing moderate security and performance.
- D. AES key size=512 bits: This configuration provides the highest level of security but at a significant performance cost due to the large AES key size.
Correct answer: C
Explanation
Option C, with an AES key size of 192 bits, provides a suitable balance of security and performance: it offers adequate security without the significant slowdown seen with larger key sizes. Option A lacks sufficient security, option B may lead to slower RSA key generation, and option D's large key size results in poor performance despite its high security.