Exam CAS-004 topic 1 question 568 discussion

*PBKDF2: is a key derivation function designed to make password cracking more difficult by using a high number of iterations to transform a password into a cryptographic key. *AES: is a widely-used symmetric encryption algorithm that supports variable key sizes (128, 192, or 256 bits), which meets the requirement for variable block and key size. RC5 is outdated, it is not as widely recommended for secure encryption, especially when newer, more secure alternatives (like AES) are available.

PBKDF2 (Password-Based Key Derivation Function 2) strengthens passwords against brute-force attacks. AES (Advanced Encryption Standard) supports variable block and key sizes, making it ideal for secure encryption. RC5, P256, and ECDSA are not relevant to password vault requirements. RIPEMD is a hashing algorithm and does not meet the criteria for encryption or brute-force resistance.

o A. PBKDF2: This key derivation function is designed to be computationally intensive, making it resistant to brute-force attacks. It uses a variable number of iterations and a salt to enhance security. o C. AES (Advanced Encryption Standard): AES supports variable block and key sizes (128, 192, and 256 bits) and is widely recognized for its strong security and efficiency. It is highly resistant to brute-force attacks

PBKDF2 (Password-Based Key Derivation Function 2): PBKDF2 is a key derivation function specifically designed to make brute-force attacks more difficult by applying a password-based function iteratively (many times) to generate a cryptographic key. It uses a variable number of iterations, which means the difficulty of brute-forcing can be adjusted by increasing the number of iterations. This adds resistance against brute-force attacks. RC5 is a block cipher with a variable block size (typically 32, 64, or 128 bits) and a variable key size (up to 2040 bits). This flexibility meets the requirement for a variable block and key size. RC5 also provides a level of resistance against brute-force attacks, especially when using a large key size and an appropriate number of rounds. NOT AES is a widely used symmetric encryption algorithm that supports key sizes of 128, 192, or 256 bits, but it doesn't allow for a variable block size (it uses a fixed block size of 128 bits). Since the requirement is for variable block and key size, AES is not the best fit.