A Security Officer on a military base needs to encrypt several smart phones that will be going into
the field. Which of the following encryption solutions should be deployed in this situation?
A.
Elliptic curve
B.
One-time pad
C.
3DES
D.
AES-256
AES256 qualifies for U.S. government classification as TOP Secret.
2
0
i choose ECC and you may read this
https://resources.infosecinstitute.com/ecc-case-mobile-encryption/
0
1
ECC is the only one used for Commercial Smart Phone encryption. Faster with less overhead.
Answer is A.
2
1
Answer is D. AES-256 because of association with military. Just confirming the question and answer.
1
0
Dude. It doesn’t matter if NSA invented AES or not. Mobile devices need fast and untracable encryption method which is ECC
2
0
According to Darril Gibson, ECC is a strong security, and has been approved by the NSA in 2005 for digital signatures and Diffie-Hellman key agreements. I think the answer is A based on that information. Hard to say really though.
1
0
Oh and I forgot to add, ECC is commonly used with small wireless devices which in this case would be the smart phones.
1
0
ok.. so is the answer AES 256 or ECC?
I answered ECC as well.. all the study materials I’ve use ECC for smart phones.
1
0
I chose D.
Based on King Fisher it looks to be C:
Other algorithms have been adapted to work with elliptic curves, including Diffie-
Hellman and the Digital Signature Algorithm (DSA). The Diffie-Hellman version
(known as Elliptic Curve Diffie-Hellman, or ECDH) uses elliptic curve public/private
key pairs to establish the secret key. Another variant, ECDHE, runs in ephemeral
mode, which as previously stated makes sure that a compromised message won’t
start a chain reaction, and that other messages maintain their integrity. By its very
design, the elliptic curve solves the problem of the extra computational power required
by DHE. DSA is a U.S. federal government standard public key encryption
algorithm used in digital signatures. The elliptic version is known as ECDSA. In
general, the size of the public key in an elliptic curve–based algorithm can be 1/6 the
size of the non-elliptic curve version. For example, ECDSA has a public key that is
160 bits, but regular DSA uses a public key that is 1024 bits. This is part of the reasoning
behind the reduced amount of CPU power needed.
ECC cryptography is used with smart cards, wireless security, and other communications
such as VoIP and IPsec (with DSA). It can be susceptible to side channel
attacks (SCAs), which are attacks based on leaked information gained from the
physical implementation (number and type of curves) of the cryptosystem, and
fault attacks (a type of SCA), plus there are concerns about backdoors into the algorithm’s
random generator. Elliptic curve cryptography (as well as RSA and other
algorithms) is also theoretically vulnerable to quantum cryptanalysis–based computing
attacks
0
1
This submission was then further developed into the Advanced
Encryption Standard (AES) and became the U.S. federal government standard in
2002. AES is the successor to DES/3DES and is another symmetric key encryption
standard composed of three different versions of block ciphers: AES-128, AES-192,
and AES-256. Actually, each of these has the same 128-bit cipher block size, but the
key sizes for each are 128-bit, 192-bit, and 256-bit, respectively.
AES is based on the substitution-permutation network, which takes plaintext and
the key and applies x number of rounds to create the ciphertext. These rounds consist
of substitution boxes and permutation boxes (usually in groups of 4X4 bytes)
that convert the plaintext input bits to ciphertext output bits. AES specifies 10, 12,
or 14 rounds for each of the respective versions.
AES is fast, uses minimal resources, and can be used on a variety of platforms. For
example, it is the encryption algorithm of choice if you have a wireless network
running the WPA2 protocol; the IEEE 802.11i standard specifies the usage of
AES with WPA2, and in the process deprecates WEP. (See Chapter 8 , “Securing
Network Media and Devices,” for more about WEP and WPA.) You will also find
AES as the encrypting protocol for remote control applications. These are examples
of data in motion (also called data in transit). Any network session that uses AES
would fall into this category. But memory encryption would fall into that category
as well. For example, there are programs that can encrypt passwords and other personally
identifiable information (PII) as it is passing through RAM. They often use
AES or Twofish
1
0