312-50V13 · Question #440
Kevin, an encryption specialist, implemented a technique that enhances the security of keys used for encryption and authentication. Using this technique, Kevin input an initial key to an algorithm tha
The correct answer is D. Key stretching. Kevin employed key stretching, a technique that transforms a weaker initial key into a stronger, more resistant key through an iterative, computationally intensive process, thereby deterring brute-force attacks.
Question
Options
- AKey derivation function
- BKey reinstallation
- CA Public key infrastructure
- DKey stretching
How the community answered
(40 responses)- A3% (1)
- B5% (2)
- D93% (37)
Why each option
Kevin employed key stretching, a technique that transforms a weaker initial key into a stronger, more resistant key through an iterative, computationally intensive process, thereby deterring brute-force attacks.
A Key Derivation Function (KDF) is a specific algorithm used *within* the key stretching process to generate a cryptographic key from a secret, such as a master key or password, but key stretching is the broader *technique* focused on making the key resistant to brute-force attacks through iterative computation.
Key reinstallation is a vulnerability (e.g., KRACK attack on WPA2) where an attacker forces the reinstallation of a cryptographic key already in use, allowing for replay or decryption, which is a security flaw, not an enhancement technique.
A Public Key Infrastructure (PKI) is a system for managing digital certificates and public keys, establishing trust for secure communication, but it is not a technique for strengthening a single encryption key against brute-force attacks.
Key stretching is a cryptographic technique that intentionally makes a password or key computationally expensive to derive from its initial input by applying an iterative process, often involving a Key Derivation Function (KDF) and salt. This increased cost significantly slows down brute-force attacks, making it impractical for attackers to guess or crack the strengthened key within a reasonable timeframe.
Concept tested: Key stretching for brute-force resistance
Source: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-132.pdf
Topics
Community Discussion
No community discussion yet for this question.