Question

    Which encryption technique is used in Transport Layer Security (TLS) to securely establish a session key?
    A RSA-based key exchange
    B Diffie-Hellman key exchange
    C Elliptic Curve Digital Signature Algorithm (ECDSA)
    D Pre-shared keys (PSK)
    E SHA-256 hashing

    Solution

    TLS often uses the Diffie-Hellman key exchange (or its elliptic curve variant, ECDHE) to securely establish a session key between two parties without transmitting it directly over the network. Both parties generate private keys and exchange the corresponding public keys. Each side then combines its own private key with the other side's public key and independently computes the same shared secret, which acts as the session key. Even if the exchanged public keys are intercepted, an attacker cannot derive the session key without one of the private keys.

    Diffie-Hellman enhances forward secrecy in TLS: even if a long-term private key is compromised in the future, past session data remains secure because each session key is unique and ephemeral.

    Why Other Options Are Incorrect:

    • A) RSA is used for key exchange in some TLS versions but lacks forward secrecy unless combined with ephemeral methods.
    • C) ECDSA provides digital signatures, not key exchange.
    • D) Pre-shared keys are less secure and rarely used in modern TLS implementations.
    • E) SHA-256 is a hashing algorithm and does not perform encryption or key exchange.
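
The exchange described in the solution, as an added example that is not part of the original page: two parties generate ephemeral key pairs, swap only public values, and independently derive the same session key, while a second handshake yields an unrelated key. The group parameters `P` and `G`, the function names, and the HMAC-SHA256 derivation step are assumptions of this example; real TLS uses vetted named groups such as x25519 or ffdhe2048 and its own key schedule.

```python
import hashlib
import hmac
import secrets

# Toy group for illustration only (assumption of this example): the Mersenne
# prime 2**521 - 1 with generator 3. Real TLS uses vetted named groups
# such as x25519 or ffdhe2048.
P = 2**521 - 1
G = 3

def keygen():
    """Return a fresh (private, public) ephemeral key pair."""
    priv = secrets.randbelow(P - 3) + 2      # 2 <= priv <= P - 2
    return priv, pow(G, priv, P)

def shared_secret(my_priv, peer_pub):
    """Compute the DH shared secret after validating the peer's value."""
    # Reject degenerate values (0, 1, P-1, out of range) that would let a
    # peer or man-in-the-middle force a predictable secret.
    if not 2 <= peer_pub <= P - 2:
        raise ValueError("invalid peer public value")
    return pow(peer_pub, my_priv, P)

def session_key(secret, transcript):
    """Derive a 32-byte key from the secret, bound to the handshake bytes.
    HMAC-SHA256 here is a stand-in for a real key schedule (assumption)."""
    ikm = secret.to_bytes((P.bit_length() + 7) // 8, "big")
    return hmac.new(transcript, ikm, hashlib.sha256).digest()

def handshake(label):
    """Run one exchange; return (client_key, server_key, bytes_on_the_wire)."""
    c_priv, c_pub = keygen()
    s_priv, s_pub = keygen()
    # Only the public values cross the network; an eavesdropper sees these.
    wire = c_pub.to_bytes(66, "big") + s_pub.to_bytes(66, "big")
    transcript = label + wire
    client_key = session_key(shared_secret(c_priv, s_pub), transcript)
    server_key = session_key(shared_secret(s_priv, c_pub), transcript)
    # c_priv and s_priv go out of scope here: no long-lived key can
    # reconstruct this session's key later (forward secrecy).
    return client_key, server_key, wire

if __name__ == "__main__":
    k1c, k1s, wire1 = handshake(b"session-1")
    k2c, k2s, _ = handshake(b"session-2")
    print("both sides agree:", k1c == k1s and k2c == k2s)
    print("sessions share no key:", k1c != k2c)
```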
