nerdexam
EC-Council

312-50V9 · Question #133

What is the primary drawback to using advanced encryption standard (AES) algorithm with a 256 bit key to share sensitive data?

The correct answer is D. It is a symmetric key algorithm, meaning each recipient must receive the key through a different. The primary drawback of AES-256 for sharing data is that as a symmetric algorithm it requires secure out-of-band key distribution to every recipient.

Cryptography

Question

What is the primary drawback to using advanced encryption standard (AES) algorithm with a 256 bit key to share sensitive data?

Options

  • ADue to the key size, the time it will take to encrypt and decrypt the message hinders efficient
  • BTo get messaging programs to function with this algorithm requires complex configurations.
  • CIt has been proven to be a weak cipher; therefore, should not be trusted to protect sensitive data.
  • DIt is a symmetric key algorithm, meaning each recipient must receive the key through a different

How the community answered

(59 responses)
  • A
    3% (2)
  • B
    12% (7)
  • C
    5% (3)
  • D
    80% (47)

Why each option

The primary drawback of AES-256 for sharing data is that as a symmetric algorithm it requires secure out-of-band key distribution to every recipient.

ADue to the key size, the time it will take to encrypt and decrypt the message hinders efficient

AES-256 is a highly optimized algorithm and its 256-bit key size does not cause meaningful performance degradation in modern implementations; speed is not a primary drawback.

BTo get messaging programs to function with this algorithm requires complex configurations.

AES is widely supported in virtually all cryptographic libraries and messaging platforms and does not require complex or unusual configuration to enable.

CIt has been proven to be a weak cipher; therefore, should not be trusted to protect sensitive data.

AES has not been proven weak; it remains one of the strongest standardized symmetric ciphers and is approved by NIST for protecting sensitive government data.

DIt is a symmetric key algorithm, meaning each recipient must receive the key through a differentCorrect

AES is a symmetric cipher, meaning every party who needs to decrypt the data must first receive the identical secret key. Distributing that key securely to each recipient - especially over an untrusted network - is the fundamental key-distribution problem of symmetric cryptography. This requirement for a separate, secure channel to share the key is the primary practical drawback when using AES to protect data shared with multiple recipients.

Concept tested: Symmetric key distribution problem with AES

Source: https://csrc.nist.gov/publications/detail/fips/197/final

Topics

#AES-256#symmetric key distribution#key exchange#encryption drawbacks

Community Discussion

No community discussion yet for this question.

Full 312-50V9 Practice