Most Secure Transmission Algorithm
teancum144
Member Posts: 229 ■■■□□□□□□□
in Security+
Which of the following is the MOST secure transmission algorithm?
A. AES 256
B. TKIP
C. 3DES
D. AES
I was tricked on this one. I chose A, "AES 256". However, the answer is B, "TKIP". The explanation said that only TKIP is a "transmission" algorithm and that AES 256 is encryption for data at rest. My thought is that AES, when used in IPSec also secures data in transmission. Additionally, while TKIP is used in WPA for encrypted transmissions, AES is used in WPA2 for encrypted transmissions. What am I missing?
Comments
-
paul78 Member Posts: 3,016 ■■■■■■■■■■
That's a good question. Certainly will keep you on your toes. TKIP is the only transmission algorithm on the list of choices. The rest are cipher algorithms. TKIP (WPA) uses RC4 as a cipher algorithm. WPA2 uses AES as its cipher algorithm.
The explanation provided isn't quite right though. You are correct that AES can be used as a cipher for data in transit - IPSec and SSL are examples.
-
teancum144 Member Posts: 229 ■■■□□□□□□□
That's a good question. Certainly will keep you on your toes. TKIP is the only transmission algorithm on the list of choices. The rest are cipher algorithms. TKIP (WPA) uses RC4 as a cipher algorithm. WPA2 uses AES as its cipher algorithm.
The explanation provided isn't quite right though. You are correct that AES can be used as a cipher for data in transit - IPSec and SSL are examples.
-
paul78 Member Posts: 3,016 ■■■■■■■■■■
Sorry that I wasn't clear. I find most standards names about wifi entirely confusing myself.
The term WPA or Wi-Fi Protected Access is actually a tradename of the WiFi Alliance. I think WPA was used as a way to make it easier for consumers to understand wifi security.
WPA is TKIP which uses RC4 as a cipher
WPA2 is CCMP (not sure what that stands for) which uses AES as a cipher
I'm by no means an expert on wifi standards or its naming conventions but I think that's the general gist.
-
Darril Member Posts: 1,588
I don't want to debate the question but from a general perspective, data is protected at three different times:
- Data at rest (stored on media)
- Data in transit (sent over a network)
- Data in use (processed in memory)
TKIP is the only one specifically used for data in transit.
You won't see anything on the Security+ exam related to data in use but you might see something about it in advanced security exams such as the CISSP.
From another perspective, which one of the following four items is out of place?
- Red
- Orange
- Green
- Automobile
Apply this analogy to the data at rest and data in transit. Only one of your answers is specifically for data in transit.
HTH
-
paul78 Member Posts: 3,016 ■■■■■■■■■■
@Darril - great example with Automobile/Color question. I guess that's why you wrote the book and I write in forums
I really do like questions in this format; it really does make you think more. My favorite format of question includes negations or qualifiers like "best", "worst", "most".
Although, I still prefer my reasoning that AES, AES 256, and 3DES are eliminated because they are encryption algorithms whereas TKIP is not one.
-
Darril Member Posts: 1,588
Wait a second? Can't AES and 3DES be used to protect data in transit?
Yes, they can and I believe that is what the original poster was asking about.
However, which answer can ONLY be used to encrypt data in transit?
Or, asked another way, which answer cannot be used to encrypt data at rest?
@Paul78. Thanks for the kind words. Glad you like "best", "worst" and "most" because you are likely to see some of those qualifiers on the Security+ exam.
-
teancum144 Member Posts: 229 ■■■□□□□□□□
Not to beat a dead horse, but I was struggling to find an example of an equivalent "transmission protocol" to TKIP, but here is some relevant info:
"Advanced Encryption Standard (AES) is the cipher system used by RSN [WPA2/802.11i]. It is the equivalent of the RC4 algorithm used by WPA. ... CCMP is the security protocol used by AES. It is the equivalent of TKIP in WPA."
Source: WPA vs WPA2 (802.11i): How your Choice Affects your Wireless Network Security | Openxtra
Based on this, CCMP (Counter Cipher Mode with Block Chaining Message Authentication Code Protocol) is also a "Transmission Protocol" (comparing apples to apples).
Synthesizing this information with the information from the previous comments, here is my understanding:
TKIP is the only transmission algorithm in the list. The others are cipher/encryption algorithms that are typically used to encrypt data at rest. TKIP is used only to encrypt data in transit. CCMP is another example of a transmission algorithm. CCMP is more secure than TKIP.
Is the preceding paragraph correct?
-
paul78 Member Posts: 3,016 ■■■■■■■■■■
Yes. That's about right. I would say something like this.
TKIP is the only transmission algorithm in the list. The others are cipher/encryption algorithms that are typically used to encrypt data at rest. TKIP uses RC4 to encrypt data in transit. CCMP which uses AES is another example of a transmission algorithm. CCMP is more secure than TKIP.
-
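The cipher-versus-protocol distinction the comments above arrive at, as an added example that is not part of any poster's comment: `rc4` is a bare cipher, while `ToyLink` is a protocol wrapped around it that adds a per-packet key, a replay counter and an integrity check. `ToyLink`, its key names, and the SHA-256/HMAC stand-ins for TKIP's key mixing and Michael MIC are illustrative assumptions, not real TKIP.

```python
import hashlib, hmac, struct

def rc4(key: bytes, data: bytes) -> bytes:
    """The cipher: XOR data with the RC4 keystream (encrypts and decrypts)."""
    s = list(range(256))
    j = 0
    for i in range(256):                          # key scheduling
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for b in data:                                # keystream generation
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(b ^ s[(s[i] + s[j]) % 256])
    return bytes(out)

class ToyLink:
    """The protocol (hypothetical, simplified): what a link adds around the cipher."""
    def __init__(self, temporal_key: bytes, mic_key: bytes):
        self.tk, self.mk = temporal_key, mic_key
        self.tx_seq = self.rx_seq = 0             # packet counters

    def _packet_key(self, seq: int) -> bytes:
        # Stand-in for per-packet key mixing: a different RC4 key per frame.
        return hashlib.sha256(self.tk + struct.pack(">Q", seq)).digest()[:16]

    def _mic(self, hdr: bytes, payload: bytes) -> bytes:
        # Stand-in for the message integrity code over counter and payload.
        return hmac.new(self.mk, hdr + payload, hashlib.sha256).digest()[:8]

    def send(self, payload: bytes) -> bytes:
        self.tx_seq += 1
        hdr = struct.pack(">Q", self.tx_seq)
        return hdr + rc4(self._packet_key(self.tx_seq), payload + self._mic(hdr, payload))

    def receive(self, frame: bytes) -> bytes:
        if len(frame) < 16:
            raise ValueError("short frame")
        hdr, seq = frame[:8], struct.unpack(">Q", frame[:8])[0]
        if seq <= self.rx_seq:
            raise ValueError("replayed or out-of-order frame")
        plain = rc4(self._packet_key(seq), frame[8:])
        if not hmac.compare_digest(plain[-8:], self._mic(hdr, plain[:-8])):
            raise ValueError("integrity check failed")
        self.rx_seq = seq
        return plain[:-8]
```

Replay protection and tamper detection come from the wrapper, not from `rc4`, which is why swapping the cipher (RC4 for AES) and swapping the protocol (TKIP for CCMP) are separate decisions.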
teancum144 Member Posts: 229 ■■■□□□□□□□
I ran across some information that describes the following as "Transport" protocols that provide encryption:
- SSH
- HTTPS
- IPSec
Are the words "Transport" and "Transmission" as used in these contexts synonymous?