A security architect is designing a secure communication protocol for a new IoT deployment. A primary requirement is to enable two devices to securely generate a shared secret key for encrypting their traffic, even if their initial communication is monitored. The solution must also be highly efficient to accommodate the low-power nature of the devices. Which of the following cryptographic mechanisms is BEST suited for this purpose?
The correct answer is Elliptic Curve Diffie-Hellman (ECDH). ECDH is a key agreement protocol specifically designed to allow two parties to establish a shared secret over an insecure channel. Its primary advantage over other methods like RSA is its efficiency; it provides strong security with smaller key sizes, making it ideal for resource-constrained environments like IoT devices.
Advanced Encryption Standard (AES) is a symmetric encryption algorithm used to encrypt data with a pre-existing key; it is not used to establish the key itself.
Rivest-Shamir-Adleman (RSA) is an asymmetric algorithm that can be used for key exchange, but it is more computationally intensive and requires larger keys than ECDH for equivalent security, making it less suitable for low-power devices.
Secure Hash Algorithm 256 (SHA-256) is a hashing function used to ensure data integrity and create digital signatures; it does not perform key exchange or encryption.