Certified Ethical Hacker (CEH v13) — Question 65

You are a cybersecurity professional managing cryptographic systems for a global corporation. The company uses a mix of Elliptic Curve Cryptography (ECC) for key exchange and symmetric encryption algorithms for data encryption. The time complexity of ECC key pair generation is O(n^3), where 'n' is the size of the key. An advanced threat actor group has a quantum computer that can potentially break ECC with a time complexity of O((log n)^2). Given that the ECC key size is 'n=512' and varying symmetric encryption algorithms and key sizes, which scenario would provide the best balance of security and performance?

Answer options

• A. Data encryption with AES-128: Provides moderate security and fast encryption, offering a balance between the two.
• B. Data encryption with AES-256: Provides high security with better performance than 3DES, but not as fast as other AES key sizes.
• C. Data encryption with 3DES using a 168-bit key: Offers high security but slower performance due to 3DES's inherent inefficiencies.
• D. Data encryption with Blowfish using a 448-bit key: Offers high security but potential compatibility issues due to Blowfish's less widespread use.

Correct answer: B

Explanation

The correct answer is B because AES-256 provides a strong level of security while maintaining satisfactory performance, making it suitable for environments where both factors are critical. Option A, while fast, does not offer the same level of security as AES-256. Option C, though secure, suffers from performance drawbacks. Option D provides high security but could lead to compatibility issues, making it less desirable in a diverse cryptographic landscape.