312-50V10 · Question #793
What is one of the advantages of using both symmetric and asymmetric cryptogrsphy in SSL/TLS?
The correct answer is D. Asymmetric cryptography is computationally expensive in comparison. However, it is well-suited. SSL/TLS uses asymmetric cryptography only during the handshake to securely exchange a symmetric session key, then switches to symmetric encryption for bulk data transfer because symmetric algorithms are far faster. This hybrid approach balances security and performance.
Question
What is one of the advantages of using both symmetric and asymmetric cryptogrsphy in SSL/TLS?
Options
- ASupporting both types of algorithms allows less-powerful devices such as mobile phones to use
- BSymmetric algorithms such as AES provide a failsafe when asymmetric methods fail.
- CSymmetric encryption allows the server to security transmit the session keys out-of-band.
- DAsymmetric cryptography is computationally expensive in comparison. However, it is well-suited
How the community answered
(43 responses)- A14% (6)
- B5% (2)
- C9% (4)
- D72% (31)
Why each option
SSL/TLS uses asymmetric cryptography only during the handshake to securely exchange a symmetric session key, then switches to symmetric encryption for bulk data transfer because symmetric algorithms are far faster. This hybrid approach balances security and performance.
Device compatibility is not the reason SSL/TLS combines both algorithm types - the hybrid model exists to balance key exchange security with bulk encryption performance.
Symmetric algorithms do not serve as a failsafe for asymmetric failures; they serve entirely different roles within the protocol.
Session keys are not transmitted out-of-band using symmetric encryption - asymmetric cryptography is used during the handshake specifically to avoid transmitting session keys in plaintext.
Asymmetric cryptography (e.g., RSA, ECDH) is computationally expensive but excels at secure key exchange without a pre-shared secret, solving the key distribution problem. Once the handshake establishes a shared symmetric session key, SSL/TLS switches to a fast symmetric cipher (e.g., AES) for the actual data stream, combining the security benefits of asymmetric with the performance of symmetric algorithms.
Concept tested: SSL/TLS hybrid cryptography - key exchange vs. bulk encryption
Source: https://learn.microsoft.com/en-us/windows-server/security/tls/tls-ssl-schannel-ssp-overview
Topics
Community Discussion
No community discussion yet for this question.