Key exchange

Key exchange (also key establishment) is a method in cryptography by which cryptographic keys are exchanged between two parties, allowing use of a cryptographic algorithm.

In the Diffie–Hellman key exchange scheme, each party generates a public/private key pair and distributes the public key. After obtaining an authentic copy of each other's public keys, Alice and Bob can compute a shared secret offline. The shared secret can be used, for instance, as the key for a symmetric cipher.
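The offline computation described above, as an added worked example (not code from the article): each party keeps a private exponent, publishes g^x mod p, and derives the same group element from the other's public value. The group parameters (p = 1019, g = 4) are toy values constructed for illustration, not a standardized group; the public-value validation and the hashing step are the two checks a practitioner adds before using the result as a symmetric key.

```python
import hashlib
import hmac
import secrets

# Toy group parameters, constructed for illustration only.  p = 2q + 1 is a
# safe prime and g = 4 generates the prime-order-q subgroup, so the membership
# check in validate_public_value() is meaningful.  Real deployments use
# standardized groups (RFC 3526 / RFC 7919) or elliptic curves such as X25519.
P = 1019
Q = (P - 1) // 2          # 509, prime
G = 4


def keygen(rng=secrets.randbelow):
    """Return (private, public): private x in [1, q-1], public y = g^x mod p."""
    x = 1 + rng(Q - 1)
    return x, pow(G, x, P)


def validate_public_value(y):
    """Reject out-of-range or small-subgroup values before using a peer's key.
    Skipping this check lets an active peer force a predictable shared secret."""
    if not 1 < y < P - 1:
        return False
    return pow(y, Q, P) == 1   # y lies in the prime-order subgroup


def shared_secret(my_private, peer_public):
    """The group element both sides can compute: g^(ab) mod p."""
    if not validate_public_value(peer_public):
        raise ValueError("invalid Diffie-Hellman public value")
    return pow(peer_public, my_private, P)


def derive_key(secret, context=b"toy-dh example"):
    """Never use the raw group element as a cipher key; hash it with a context
    label (HKDF in practice) to obtain a uniformly distributed symmetric key."""
    material = secret.to_bytes((P.bit_length() + 7) // 8, "big")
    return hmac.new(context, material, hashlib.sha256).digest()


def agree(alice_priv, alice_pub, bob_priv, bob_pub):
    """Both sides compute the secret offline from the other's public value."""
    k_alice = derive_key(shared_secret(alice_priv, bob_pub))
    k_bob = derive_key(shared_secret(bob_priv, alice_pub))
    assert k_alice == k_bob
    return k_alice


if __name__ == "__main__":
    a_priv, a_pub = keygen()
    b_priv, b_pub = keygen()
    print("shared symmetric key:", agree(a_priv, a_pub, b_priv, b_pub).hex())
```

The value 2 is rejected even though it is in range: in this group it generates the full order-2q group rather than the prime-order subgroup, which is exactly the kind of value the subgroup check exists to catch.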

If the sender and receiver wish to exchange encrypted messages, each must be equipped to encrypt messages to be sent and decrypt messages received. The nature of the equipping they require depends on the encryption technique they might use. If they use a code, both will require a copy of the same codebook. If they use a cipher, they will need appropriate keys. If the cipher is a symmetric key cipher, both will need a copy of the same key. If it is an asymmetric key cipher with the public/private key property, both will need the other's public key.

Channel of exchange

Key exchange is done either in-band (over the same channel that the keys will subsequently protect) or out-of-band (over a separate channel, such as a courier or a phone call).[1]

The key exchange problem

The key exchange problem describes ways to exchange whatever keys or other information are needed for establishing a secure communication channel so that no one else can obtain a copy. Historically, before the invention of public-key cryptography (asymmetric cryptography), symmetric-key cryptography used a single key to both encrypt and decrypt messages. For two parties to communicate confidentially, they must first exchange that secret key so that each party is able to encrypt messages before sending them and decrypt the ones it receives. This process is the key exchange.

The overarching problem with symmetric cryptography, or single-key cryptography, is that it requires a secret key to be communicated through trusted couriers, diplomatic bags, or some other secure communication channel. If two parties cannot establish a secure initial key exchange, they cannot communicate securely without the risk of their messages being intercepted and decrypted by a third party who acquired the key during that initial exchange.

Public-key cryptography uses a two-key system, consisting of a public and a private key, where messages are encrypted with one key and decrypted with the other. Which key (public or private) is used for encrypting messages and which for decrypting them depends on the selected cryptographic algorithm. For example, in RSA the private key is used for decrypting messages, while in the Digital Signature Algorithm (DSA) the private key is used for signing, and thereby authenticating, them. The public key can be sent over non-secure channels or shared in public; the private key is only available to its owner.

In what is known as the Diffie-Hellman key exchange, the encryption key can be openly communicated, as it poses no risk to the confidentiality of the encrypted messages. One party sends the key to the other party, who can then encrypt messages with it and send back the ciphertext. Only the decryption key (in this case, the private key) can decrypt that message. At no time during the Diffie-Hellman key exchange is any sensitive information at risk of compromise, in contrast to symmetric key exchange.

Identification

In principle, the only remaining problem was to be sure (or at least confident) that a public key actually belonged to its supposed owner. Because it is possible to 'spoof' another's identity in any of several ways, this is not a trivial or easily solved problem, particularly when the two users involved have never met and know nothing about each other.

Diffie–Hellman key exchange

In 1976, Whitfield Diffie and Martin Hellman published a cryptographic protocol called the Diffie–Hellman key exchange (D–H) based on concepts developed by Hellman's PhD student Ralph Merkle. The protocol enables users to securely exchange secret keys even if an opponent is monitoring the communication channel. The D–H key exchange protocol, however, does not by itself address authentication (i.e. the problem of being sure of the actual identity of the person or 'entity' at the other end of the communication channel). Authentication is crucial when an opponent can both monitor and alter messages within the communication channel (known as a man-in-the-middle or MITM attack), and it was addressed in the fourth section of the paper.[2]

Public key infrastructure

Public key infrastructures (PKIs) have been proposed as a workaround for the problem of identity authentication. In their most usual implementation, each user applies to a “certificate authority” (CA), trusted by all parties, for a digital certificate, which serves other users as a tamper-proof attestation of identity. The infrastructure is safe unless the CA itself is compromised. If it is, many PKIs provide a way to revoke certificates so that other users will no longer trust them. Revoked certificates are usually placed on certificate revocation lists, against which any certificate can be checked.
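The three checks a relying party performs (trust anchor, signature, revocation), as an added example that is not part of the article and not a real PKI implementation: the CA signs the certificate's fields with a toy RSA key built from two Mersenne primes (constructed for illustration; a ~92-bit modulus and bare hash-then-sign are unsuitable for real use), and the relying party verifies the certificate against the anchor it configured out-of-band and against a revocation list of serial numbers.

```python
import hashlib
from dataclasses import dataclass

# Toy RSA key for the CA, constructed for illustration only.  Two Mersenne
# primes give a ~92-bit modulus: far too small for real use, but enough for
# the signing and verification steps to behave like the real thing.
_P, _Q = 2 ** 31 - 1, 2 ** 61 - 1
N = _P * _Q
E = 65537
D = pow(E, -1, (_P - 1) * (_Q - 1))    # CA private exponent (Python 3.8+)


@dataclass(frozen=True)
class Certificate:
    serial: int
    subject: str
    subject_key: int      # the subject's public key, an opaque integer here
    issuer: str
    signature: int        # issuer's RSA signature over the fields above


def _to_be_signed_digest(serial, subject, subject_key, issuer):
    tbs = f"{serial}|{subject}|{subject_key}|{issuer}".encode()
    return int.from_bytes(hashlib.sha256(tbs).digest(), "big") % N


def ca_issue(serial, subject, subject_key, issuer="Toy Root CA"):
    """What the CA does when it issues a certificate: sign the fields."""
    h = _to_be_signed_digest(serial, subject, subject_key, issuer)
    return Certificate(serial, subject, subject_key, issuer, pow(h, D, N))


def verify_certificate(cert, trusted_issuer, ca_public, crl):
    """Return (ok, reason).  The relying party checks, in order, that the
    issuer is the trust anchor it configured out-of-band, that the signature
    verifies under that anchor's public key, and that the serial number is
    not on the issuer's certificate revocation list."""
    e, n = ca_public
    if cert.issuer != trusted_issuer:
        return False, "issuer is not a configured trust anchor"
    expected = _to_be_signed_digest(cert.serial, cert.subject,
                                    cert.subject_key, cert.issuer)
    if pow(cert.signature, e, n) != expected:
        return False, "signature does not verify under the anchor's key"
    if cert.serial in crl:
        return False, "certificate has been revoked"
    return True, "ok"


if __name__ == "__main__":
    crl = {1002}                                   # constructed revocation list
    good = ca_issue(1001, "bob@example.test", 42)
    print(verify_certificate(good, "Toy Root CA", (E, N), crl))
```

A real CRL is itself signed and dated by the issuer and must be fetched fresh (or replaced by OCSP); a stale or unsigned list would let an attacker hide a revocation, which is why the revocation check is only as strong as the channel that delivers the list.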

Several countries and other jurisdictions have passed legislation or issued regulations encouraging PKIs by giving (more or less) legal effect to these digital certificates (see digital signature). Many commercial firms, as well as a few government departments, have established such certificate authorities.

This does nothing to solve the problem, though, as the trustworthiness of the CA itself is still not guaranteed for any particular individual. It is a form of the argument-from-authority fallacy. For actual trustworthiness, personal verification that the certificate belongs to the CA and establishment of trust in the CA are required. This is usually not possible.

There are known cases where authoritarian governments proposed establishing so-called “national CAs” whose certificates would be mandatory to install on citizens’ devices and, once installed and trusted, could be used for monitoring, intercepting, modifying, or blocking the encrypted internet traffic.[3][4][5]

For those new to such things, these arrangements are best thought of as electronic notary endorsements that “this public key belongs to this user”. As with notary endorsements, there can be mistakes or misunderstandings in such vouching. Additionally, the notary itself can be untrusted. There have been several high-profile public failures by assorted certificate authorities.[6][7]

Web of trust

At the other end of the conceptual range is the web of trust system, which avoids central certificate authorities entirely. Each user is responsible for obtaining a certificate from another user before using that certificate to communicate with that user. PGP and GPG (an implementation of the OpenPGP Internet Standard) employ just such a web of trust mechanism.
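How a key's validity is derived from other users' signatures, as an added example (not code from the article, PGP or GPG): the PGP-style rule that a key is valid when signed by one fully trusted valid key or by two marginally trusted valid keys, with only valid keys acting as introducers and a bound on path length. The key ring and trust assignments in example_ring() are constructed sample data.

```python
FULL, MARGINAL = "full", "marginal"


def compute_valid_keys(own_key, trust, signatures, marginals_needed=2, max_depth=3):
    """Return the set of keys the owner may treat as valid.

    trust:      {key: FULL | MARGINAL} as assigned by the owner; keys absent
                from the dict are never accepted as introducers.
    signatures: {signed_key: {signer_key, ...}}.
    A key becomes valid when signed by one fully trusted valid key or by
    marginals_needed marginally trusted valid keys.  Each round extends the
    trust paths by one hop, so max_depth bounds how far trust propagates."""
    valid = {own_key}
    for _ in range(max_depth):
        newly = set()
        for key, signers in signatures.items():
            if key in valid:
                continue
            full = sum(1 for s in signers if s in valid and trust.get(s) == FULL)
            marginal = sum(1 for s in signers if s in valid and trust.get(s) == MARGINAL)
            if full >= 1 or marginal >= marginals_needed:
                newly.add(key)
        if not newly:
            break
        valid |= newly
    return valid


def example_ring():
    """Constructed sample: alice owns the ring; the trust levels and signatures
    are made up to exercise each branch of the rule."""
    trust = {"alice": FULL, "bob": FULL, "carol": MARGINAL, "dave": MARGINAL}
    signatures = {
        "bob":   {"alice"},
        "carol": {"alice"},
        "dave":  {"bob"},
        "erin":  {"carol", "dave"},   # two marginal introducers: enough
        "frank": {"carol"},           # one marginal introducer: not enough
        "grace": {"erin"},            # erin is valid but not a trusted introducer
    }
    return trust, signatures


if __name__ == "__main__":
    trust, sigs = example_ring()
    print(sorted(compute_valid_keys("alice", trust, sigs)))
```

Note that erin is only reached on the third round: dave must first become valid through bob before dave's signature counts toward erin, so a tighter max_depth silently drops her even though nothing about the signatures changed.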

Password-authenticated key agreement

Password-authenticated key agreement algorithms can perform a cryptographic key exchange utilizing knowledge of a user's password.

Quantum key exchange

Quantum key distribution exploits certain properties of quantum physics to ensure its security. It relies on the fact that observing (or measuring) a quantum state introduces perturbations in that state. Over many systems, these perturbations are detectable as noise by the receiver, making it possible to detect man-in-the-middle attacks. Besides the correctness and completeness of quantum mechanics, the protocol assumes the availability of an authenticated channel between Alice and Bob.
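The "perturbations detectable as noise" claim, as an added classical simulation of BB84 that is not part of the article: Alice encodes random bits in random bases, Bob measures in random bases, and the two keep only the positions where their bases agree. An intercept-and-resend eavesdropper measuring in her own random basis disturbs about a quarter of the sifted bits, which shows up as an error rate far above the clean channel's zero. The 11% acceptance threshold is the commonly cited bound for BB84 and is assumed here as a parameter.

```python
import random


def bb84(n_bits, eavesdrop, seed=1):
    """Simulate BB84 with an optional intercept-and-resend eavesdropper.
    Returns (sifted_key_length, error_rate).  Real QKD sacrifices only a
    sample of the sifted key to estimate the error rate; here Alice and Bob
    compare all of it because the error rate is the point of the example."""
    rng = random.Random(seed)           # seeded so the run is reproducible
    # Alice: random bit and random basis (0 = rectilinear, 1 = diagonal).
    alice_bits = [rng.randrange(2) for _ in range(n_bits)]
    alice_bases = [rng.randrange(2) for _ in range(n_bits)]
    if eavesdrop:
        # Eve measures each photon in a random basis and re-sends what she saw.
        # A wrong basis yields a random outcome, and the re-sent photon now
        # carries Eve's basis rather than Alice's.
        sent_bits, sent_bases = [], []
        for bit, basis in zip(alice_bits, alice_bases):
            eve_basis = rng.randrange(2)
            sent_bits.append(bit if eve_basis == basis else rng.randrange(2))
            sent_bases.append(eve_basis)
    else:
        sent_bits, sent_bases = alice_bits, alice_bases
    # Bob: measure in a random basis; a mismatched basis gives a random bit.
    bob_bases = [rng.randrange(2) for _ in range(n_bits)]
    bob_bits = [bit if sent_basis == bob_basis else rng.randrange(2)
                for bit, sent_basis, bob_basis in zip(sent_bits, sent_bases, bob_bases)]
    # Sifting over the (authenticated) classical channel: keep positions where
    # Alice's and Bob's bases agree.  Without eavesdropping those bits match.
    sifted = [(a, b) for a, b, ab, bb in zip(alice_bits, bob_bits, alice_bases, bob_bases)
              if ab == bb]
    errors = sum(1 for a, b in sifted if a != b)
    return len(sifted), errors / len(sifted)


def channel_is_trustworthy(error_rate, threshold=0.11):
    """Abort key agreement when the observed error rate exceeds the threshold;
    the sifted bits are then discarded rather than used as a key."""
    return error_rate <= threshold


if __name__ == "__main__":
    for eve in (False, True):
        n, err = bb84(4000, eavesdrop=eve, seed=7)
        print(f"eavesdropper={eve}: {n} sifted bits, error rate {err:.3f}, "
              f"accept={channel_is_trustworthy(err)}")
```

The sifting step is where the authenticated-channel assumption enters: Alice and Bob announce their bases in the clear, and an opponent who could impersonate either party on that classical channel could run the protocol separately with each of them, exactly as in the unauthenticated Diffie–Hellman case.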

References

1. Emmett Dulaney, Chuck Easttom (October 5, 2017). CompTIA Security+ Study Guide: Exam SY0-501. John Wiley & Sons. ISBN 9781119416906.
2. Diffie, Whitfield; Hellman, Martin E. (November 1976). "New Directions in Cryptography" (PDF). IEEE Transactions on Information Theory. IT-22 (6): 644–654. doi:10.1109/TIT.1976.1055638.
3. Wolff, Josephine (2015-12-14). "Kazakhstan's Unsettling New Cybersecurity Plan". Slate. Retrieved 2019-01-09.
4. Shapovalova, Natalia (2016-01-05). "Security Certificate Of The Republic Of Kazakhstan: The State Will Be Able To Control The Encrypted Internet Traffic Of Users". Mondaq. Retrieved 2019-01-09.
5. "The Kremlin reportedly wants to create a state-operated center for issuing SSL certificates". Meduza. 2016-02-15. Retrieved 2019-01-09.
6. "CA/Symantec Issues".
7. "Symantec caught once again improperly issuing illegitimate HTTPS certificates".
