Which statement describes the risk of not destroying a session key that is no longer used for completed communication of encrypted data?
- The attacker could have captured the encrypted communication and stored it while waiting for an opportunity to acquire the key.
- Systems can only store a certain number of keys and could be unable to generate new keys for communication.
- It increases the risk of duplicate keys existing for the key space of the algorithm.
- The risk of weaker keys being generated increases as the number of keys stored increases.
Explanation & Hint:
The statement that describes the risk of not destroying a session key that is no longer used for completed communication of encrypted data is:
This is known as a “store now, decrypt later” attack, where an attacker who has recorded encrypted traffic waits until they can obtain the session key—through various means like key compromise, cryptanalysis, or brute-force attacks. If the attacker succeeds in obtaining the key and the key has not been destroyed, they can then decrypt the previously captured communications. This is why it’s important for session keys to be ephemeral, meaning they are destroyed at the end of the session, to minimize the window of opportunity for such an attack.