CAS-005 Question #168: Real Exam Question with Answer & Explanation

Question

A social media company wants to change encryption ciphers after identifying weaknesses in the implementation of the existing ciphers. The company needs the new ciphers to meet the following requirements: - Utilize less RAM than competing ciphers. - Be more CPU-efficient than previous ciphers. - Require customers to use TLS 1.3 while broadcasting video or audio. Which of the following is the best choice for the social media company?

Options

• AIDEA-CBC
• BAES-GCM
• CChaCha20-Poly1305
• DCamellia-CBC

Explanation

ChaCha20-Poly1305 is the best choice as it is a modern, CPU-efficient cipher with low RAM usage, making it ideal for high-throughput applications like video/audio broadcasting, and is a standard cipher for TLS 1.3.

Common mistakes.

• A. IDEA-CBC is an older block cipher that is less efficient and not considered as secure or widely recommended as modern ciphers like ChaCha20-Poly1305 or AES-GCM, and does not specifically meet the TLS 1.3 requirement for optimal performance.
• B. While AES-GCM is a strong and widely used authenticated encryption cipher for TLS 1.3, ChaCha20-Poly1305 often provides better performance on software-only implementations, which is beneficial for minimizing CPU and RAM usage, especially on diverse client devices.
• D. Camellia-CBC is a block cipher similar to AES but less widely adopted, and its CBC mode is generally less efficient and secure than authenticated encryption modes, not specifically meeting the high-efficiency and TLS 1.3 requirements for modern applications.

Concept tested. Cipher suite selection for performance and TLS 1.3

Reference. https://learn.microsoft.com/en-us/windows-server/security/tls/tls-parameters

No community discussion yet for this question.