312-50V13 · Question #591
You are a cybersecurity professional managing cryptographic systems for a global corporation. The company uses a mix of Elliptic Curve Cryptography (ECC) for key exchange and symmetric encryption algo
The correct answer is B. Data encryption with AES-256: Provides high security with better performance than 3DES, but not. Explanation AES-256 (Option B) strikes the optimal balance between security and performance in a post-quantum threat environment: its 256-bit key provides approximately 128-bit security even against quantum attacks (Grover's algorithm halves effective key strength), making it res
Question
Options
- AData encryption with AES-128: Provides moderate security and fast encryption, offering a balance
- BData encryption with AES-256: Provides high security with better performance than 3DES, but not
- CData encryption with 3DES using a 168-bit key: Offers high security but slower performance due
- DData encryption with Blowfish using a 448-bit key: Offers high security but potential compatibility
How the community answered
(35 responses)- A20% (7)
- B69% (24)
- C9% (3)
- D3% (1)
Explanation
Explanation
AES-256 (Option B) strikes the optimal balance between security and performance in a post-quantum threat environment: its 256-bit key provides approximately 128-bit security even against quantum attacks (Grover's algorithm halves effective key strength), making it resistant to the quantum adversary described, while AES remains one of the fastest and most efficient symmetric algorithms available due to widespread hardware acceleration support.
Option A (AES-128) falls short because Grover's algorithm reduces its effective security to only ~64 bits against a quantum computer, which is dangerously insufficient against the described advanced quantum threat actor. Option C (3DES-168) offers comparable security to AES-128 but performs significantly slower due to its triple-encryption process, making it both less secure against quantum threats and less efficient - a double disadvantage. Option D (Blowfish-448) has an impressively large key size but suffers from compatibility issues in enterprise environments, lacks hardware acceleration, and is considered a legacy algorithm with limited modern support.
Memory Tip: Think "AES-256 = Gold Standard" - it's the algorithm recommended by NIST for post-quantum resistance in symmetric encryption. When in doubt on exam questions involving quantum threats, AES-256 is almost always the preferred symmetric choice because quantum attacks only halve its security, leaving a robust 128-bit effective strength.
Topics
Community Discussion
No community discussion yet for this question.