Quiz 4 Q9 what is wrong about my reasoning?

Re: Quiz 4 Q9 what is wrong about my reasoning?

by Katerina Argyraki
Folks, thank you for the nice discussion.

In retrospect, this was not a good multiple-choice question, because the answer depends on so many things. That is a challenge with the quizzes: it's hard to come up with questions that are both interesting AND have simple true/false answers.

A couple of thoughts:
- Indeed, whether method 2 is more efficient or not does depend on how much data is encrypted with the new shared key. One aspect is if the communication is persistent (as you point out). Another (related) one is simply the size of the message.
- As already well-argued, neither method is secure against end-host vulnerabilities. E.g., if we assume that Alice and Bob's computers are vulnerable in some arbitrary way, an attacker could break into Bob's computer and trick Bob into generating a weak public/private key pair, which would equally weaken both methods. (But I do see the logic in thinking that, if a method relies on 2 keys as opposed to 1 key, everything else aside, we are introducing one more attack surface.)

The only "saving grace" is that the answers were phrased as "We should expect method 1/2 to be more efficient/secure..." and not as "Method 1/2 is more efficient/secure..."

In any case. If you have such doubts during the final exam, you raise your hand and ask. Or you write down your rationale next to your choice.