Certified Ethical Hacker (CEH v13) — Question 37
You are the lead cybersecurity analyst at a multinational corporation that uses a hybrid encryption system to secure inter-departmental communications. The system uses RSA encryption for key exchange and AES for data encryption, taking advantage of the strengths of both asymmetric and symmetric encryption. Each RSA key pair has a size of 'n' bits, with larger keys providing more security at the cost of slower performance. The time complexity of generating an RSA key pair is O(n^2), and AES encryption has a time complexity of O(n). An attacker has developed a quantum algorithm with time complexity O((log n)^2) to crack RSA encryption. Given 'n=4000' and variable 'AES key size', which scenario is likely to provide the best balance of security and performance?
Answer options
- A. AES key size=128 bits: This configuration provides less security than option A, but RSA key generation and AES encryption will be faster.
- B. AES key size=256 bits: This configuration provides a high level of security, but RSA key generation may be slow.
- C. AES key size=192 bits: This configuration is a balance between options A and B, providing moderate security and performance.
- D. AES key size=512 bits: This configuration provides the highest level of security but at a significant performance cost due to the large AES key size.
Correct answer: C
Explanation
The correct answer is C: an AES key size of 192 bits offers a reasonable compromise between security and performance, sitting between the faster performance of smaller key sizes and the higher security of larger ones. Option A provides insufficient security, while option B, despite its high security, may lead to slower operations. Option D, while secure, imposes excessive performance costs that are not justified for most applications.