CompTIA Security+ Exam: Encryption Scheme Adherence

Encryption Scheme Adherence


Question

An attacker captures the encrypted communication between two parties for a week, but is unable to decrypt the messages.

The attacker then compromises the session key during one exchange and successfully compromises a single message.

The attacker plans to use this key to decrypt previously captured and future communications, but is unable to.

This is because the encryption scheme in use adheres to:

Answers

Explanations


A. B. C. D.

C.

The encryption scheme in use adheres to Perfect Forward Secrecy (PFS).

Perfect Forward Secrecy is a security mechanism that provides assurance that session keys are not compromised even if long-term private keys are stolen by an attacker. In PFS, a new session key is generated for each session, and the private key used to establish that session key is never reused.

In this scenario, the attacker compromised the session key for one exchange and could therefore read that one message. The previously captured and future communications stay unreadable because PFS generates a new session key for each session, so they are encrypted under session keys different from the compromised one.

PFS ensures that even if an attacker is able to compromise a session key, they cannot use it to decrypt previously captured or future communications, making it a robust security mechanism. Therefore, the encryption scheme in use adheres to Perfect Forward Secrecy.
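The scenario above as an added example (not part of the original page): a week of sessions is recorded, then one session key and one long-term private key are stolen, with and without per-session key pairs. The toy Diffie-Hellman group, the HMAC-based cipher, the constructed messages and all function names are assumptions chosen so the code runs with the Python standard library only.

```python
import hashlib, hmac, secrets

# Toy Diffie-Hellman group (assumption, for illustration only): p = 2**521 - 1
# is a Mersenne prime. Real deployments use vetted groups or curves.
P, G = 2**521 - 1, 3

def keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def session_key(my_priv, peer_pub, salt):
    shared = pow(peer_pub, my_priv, P).to_bytes(66, "big")
    return hmac.new(salt, shared, hashlib.sha256).digest()

def _stream(key):
    return hmac.new(key, b"enc", hashlib.sha256).digest()

def seal(key, msg):
    # Each key protects one short message (<= 32 bytes): XOR keystream + MAC.
    ct = bytes(m ^ s for m, s in zip(msg, _stream(key)))
    return ct + hmac.new(key, b"mac" + ct, hashlib.sha256).digest()

def unseal(key, blob):
    ct, tag = blob[:-32], blob[-32:]
    good = hmac.new(key, b"mac" + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        return None  # wrong key for this session
    return bytes(c ^ s for c, s in zip(ct, _stream(key)))

def run_week(ephemeral, days=7):
    """Return (captured traffic, per-session keys, A's long-term private key)."""
    a_long, b_long = keypair(), keypair()
    wire, keys = [], []
    for day in range(days):
        # PFS: fresh key pairs per session, discarded afterwards.
        # (Signing the exchange with the long-term keys is omitted here.)
        a, b = (keypair(), keypair()) if ephemeral else (a_long, b_long)
        salt = secrets.token_bytes(16)  # sent in the clear
        key = session_key(a[0], b[1], salt)
        wire.append((b[1], salt, seal(key, b"constructed msg %d" % day)))
        keys.append(key)
    return wire, keys, a_long[0]

def read_with_session_key(wire, stolen):
    return [i for i, (_, _, blob) in enumerate(wire) if unseal(stolen, blob)]

def read_with_long_term_key(wire, a_priv):
    return [i for i, (b_pub, salt, blob) in enumerate(wire)
            if unseal(session_key(a_priv, b_pub, salt), blob)]
```

With `run_week(ephemeral=True)` a stolen session key opens only its own session and the long-term key opens none; with `ephemeral=False` the long-term key opens every recorded session.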