A developer needs to utilize AES encryption in an application but requires the speed of encryption
and decryption to be as fast as possible. The data that will be secured is not sensitive so speed is
valued over encryption complexity. Which of the following would BEST satisfy these
requirements?
A.
AES with output feedback
B.
AES with cipher feedback
C.
AES with cipher block chaining
D.
AES with counter mode
Explanation:
The entire CompTIA Security book never mention this topic. It is unfair and not right to have this question on the real exam. How we confirm choice B is correct? Ask Google.
ECB: should not be used if encrypting more than one block of data with the same key.
CBC, OFB and CFB are similar, however OFB/CFB is better because you only need encryption and not decryption, which can save code space.
CTR is used if you want good parallelization (ie. speed), instead of CBC/OFB/CFB.
XTS mode is the most common if you are encoding a random accessible data (like a hard disk or RAM).
OCB is by far the best mode, as it allows encryption and authentication in a single pass. However there are patents on it in USA.
Based on this I will choose D CTR(counter mode).
Thanks Json.
I agree with CTR. Speed is roughly the same but it allows for parallelism which provides greater speed throughput.