nerdexam
EC-Council

312-50V10 · Question #793

What is one of the advantages of using both symmetric and asymmetric cryptogrsphy in SSL/TLS?

The correct answer is D. Asymmetric cryptography is computationally expensive in comparison. However, it is well-suited. SSL/TLS uses asymmetric cryptography only during the handshake to securely exchange a symmetric session key, then switches to symmetric encryption for bulk data transfer because symmetric algorithms are far faster. This hybrid approach balances security and performance.

Cryptography

Question

What is one of the advantages of using both symmetric and asymmetric cryptogrsphy in SSL/TLS?

Options

  • ASupporting both types of algorithms allows less-powerful devices such as mobile phones to use
  • BSymmetric algorithms such as AES provide a failsafe when asymmetric methods fail.
  • CSymmetric encryption allows the server to security transmit the session keys out-of-band.
  • DAsymmetric cryptography is computationally expensive in comparison. However, it is well-suited

How the community answered

(43 responses)
  • A
    14% (6)
  • B
    5% (2)
  • C
    9% (4)
  • D
    72% (31)

Why each option

SSL/TLS uses asymmetric cryptography only during the handshake to securely exchange a symmetric session key, then switches to symmetric encryption for bulk data transfer because symmetric algorithms are far faster. This hybrid approach balances security and performance.

ASupporting both types of algorithms allows less-powerful devices such as mobile phones to use

Device compatibility is not the reason SSL/TLS combines both algorithm types - the hybrid model exists to balance key exchange security with bulk encryption performance.

BSymmetric algorithms such as AES provide a failsafe when asymmetric methods fail.

Symmetric algorithms do not serve as a failsafe for asymmetric failures; they serve entirely different roles within the protocol.

CSymmetric encryption allows the server to security transmit the session keys out-of-band.

Session keys are not transmitted out-of-band using symmetric encryption - asymmetric cryptography is used during the handshake specifically to avoid transmitting session keys in plaintext.

DAsymmetric cryptography is computationally expensive in comparison. However, it is well-suitedCorrect

Asymmetric cryptography (e.g., RSA, ECDH) is computationally expensive but excels at secure key exchange without a pre-shared secret, solving the key distribution problem. Once the handshake establishes a shared symmetric session key, SSL/TLS switches to a fast symmetric cipher (e.g., AES) for the actual data stream, combining the security benefits of asymmetric with the performance of symmetric algorithms.

Concept tested: SSL/TLS hybrid cryptography - key exchange vs. bulk encryption

Source: https://learn.microsoft.com/en-us/windows-server/security/tls/tls-ssl-schannel-ssp-overview

Topics

#SSL/TLS#hybrid cryptography#asymmetric vs symmetric#session key exchange

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice