PrepAway - Latest Free Exam Questions & Answers

Which of the following statements is true regarding ECC?

Which of the following statements is true regarding ECC?

A. ECC is slower than RSA because ECC is an asymmetric encryption method.

B. ECC is stronger than RSA because ECC is a symmetric encryption method.

C. ECC is faster than RSA because ECC uses prime number factoring.

D. ECC is more efficient than RSA because ECC requires a shorter key to achieve the same level of security.

Explanation:
Elliptic Curve Cryptography (ECC) is more efficient than RSA because ECC requires a shorter key to achieve the same level of security. Because of the relative strength of ECC algorithms, shorter key lengths can be used to provide the same amount of security, thereby reducing the computational power required to encrypt and decrypt by using ECC. For example, ECC requires a key length of between 224 and 255 bits to be as strong as 2,048-bit RSA or Diffie-Hellman (DH).

Although ECC is stronger than RSA, ECC is not a symmetric encryption method. Both ECC and RSA are asymmetric encryption methods. Symmetric encryption methods, such as Advanced Encryption Standard (AES), are stronger than asymmetric encryption methods. For example, ECC requires a key length of more than 512 bits to be as strong as 256-bit AES.

Although ECC is faster than RSA, ECC does not use prime number factoring. Instead, ECC is based on an algebraic equation that uses discrete logarithms to describe an elliptic curve over finite fields. Algorithms that use ECC are stronger than algorithms that use prime number factoring or discrete logarithms alone. By contrast, RSA uses prime number factoring. The RSA algorithm works by using large prime number factors and the resultant product as the private key and public key, respectively. Multiplying the relatively small prime numbers 3,331 and 3,907 creates the product 13,014,217. RSA’s security lies in the fact that there is no easy way to determine which two prime numbers formed the product. Therefore, the product can be used as the public key, and the two prime numbers, which must remain private, form the private key. The weakness lies in the fact that the prime numbers need to be relatively large in order to be secure enough to use.

Reference: https://www.certicom.com/content/certicom/en/code-and-cipher/the-next-generation-of-cryptography.html


Leave a Reply