What is one of the advantages of using both symmetric and asymmetric cryptography in SSL/TLS?

SSL/TLS uses a hybrid cryptographic approach:

Asymmetric cryptography is used during the handshake phase to securely exchange symmetric session keys over an insecure network.

After the key exchange, symmetric encryption (e.g., AES) is used for the bulk of data transfer due to its high performance and lower overhead.

This approach balances security and efficiency by leveraging asymmetric encryption for secure key exchange and symmetric encryption for speed.

Reference – CEH v13 Official Study Guide:

Module 20: Cryptography

Section: SSL/TLS

Quote:

“SSL/TLS uses asymmetric cryptography to negotiate keys and symmetric cryptography to encrypt data. This combination ensures secure, fast, and reliable communication.”

Incorrect Options Explained:

A. Not relevant — all devices follow the protocol regardless of capability.

B. There is no failover mechanism as described.

C. Session keys are exchanged during the handshake, not out-of-band.