- Cryptography Tutorial
- Cryptography - Home
- Cryptography - Origin
- Cryptography - History
- Cryptography - Principles
- Cryptography - Applications
- Cryptography - Benefits & Drawbacks
- Cryptography - Modern Age
- Cryptography - Traditional Ciphers
- Cryptography - Need for Encryption
- Cryptography - Double Strength Encryption
- Cryptosystems
- Cryptosystems
- Cryptosystems - Components
- Attacks On Cryptosystem
- Cryptosystems - Rainbow table attack
- Cryptosystems - Dictionary attack
- Cryptosystems - Brute force attack
- Cryptosystems - Cryptanalysis Techniques
- Types of Cryptography
- Cryptosystems - Types
- Public Key Encryption
- Modern Symmetric Key Encryption
- Cryptography Hash functions
- Key Management
- Cryptosystems - Key Generation
- Cryptosystems - Key Storage
- Cryptosystems - Key Distribution
- Cryptosystems - Key Revocation
- Block Ciphers
- Cryptosystems - Stream Cipher
- Cryptography - Block Cipher
- Cryptography - Feistel Block Cipher
- Block Cipher Modes of Operation
- Electronic Code Book (ECB) Mode
- Cipher Block Chaining (CBC) Mode
- Cipher Feedback (CFB) Mode
- Output Feedback (OFB) Mode
- Counter (CTR) Mode
- Classic Ciphers
- Cryptography - Reverse Cipher
- Cryptography - Caesar Cipher
- Cryptography - ROT13 Algorithm
- Cryptography - Transposition Cipher
- Cryptography - Encryption Transposition Cipher
- Cryptography - Decryption Transposition Cipher
- Cryptography - Multiplicative Cipher
- Cryptography - Affine Ciphers
- Cryptography - Simple Substitution Cipher
- Cryptography - Encryption of Simple Substitution Cipher
- Cryptography - Decryption of Simple Substitution Cipher
- Cryptography - Vigenere Cipher
- Cryptography - Implementing Vigenere Cipher
- Modern Ciphers
- Base64 Encoding & Decoding
- Cryptography - XOR Encryption
- Substitution techniques
- Cryptography - MonoAlphabetic Cipher
- Cryptography - Hacking Monoalphabetic Cipher
- Cryptography - Polyalphabetic Cipher
- Cryptography - Playfair Cipher
- Cryptography - Hill Cipher
- Polyalphabetic Ciphers
- Cryptography - One-Time Pad Cipher
- Implementation of One Time Pad Cipher
- Cryptography - Transposition Techniques
- Cryptography - Rail Fence Cipher
- Symmetric Algorithms
- Data Encryption Standard
- Triple DES
- Advanced Encryption Standard
- Data Integrity in Cryptography
- Data Integrity in Cryptography
- Message Authentication
- Cryptography Digital signatures
- Public Key Infrastructure
- Cryptography Useful Resources
- Cryptography - Quick Guide
- Cryptography - Discussion
Cryptography - Key Distribution
Two parties may exchange cryptographic keys through a procedure known as key exchange, also known as key distribution, in order to use a cryptographic algorithm.
For messages to be exchanged via encryption, both the sender and the recipient must be able to encrypt and decrypt them. Depending on the kind of encryption they want to use different technologies are required. Both will need a copy of the same codebook if they use a code. They will need the right keys if they utilise a cipher. Both will require a copy of the same key if the cipher uses symmetric keys. Both parties will need the public key of the other if the key cipher is asymmetric and has the public/private key characteristic.
Channel of Distribution
Key Distribution is possible in-band or out-of-band.
"Channel of distribution" means the way information or keys are swapped between two parties.
"Key exchange" is when two parties share secret codes or 'keys' to communicate securely.
"In-band" key exchange means the keys are swapped through the same communication channel being used for the actual data.
"Out-of-band" key exchange means the keys are shared through a separate, different communication channel from the one used for the actual data.
The Key Exchange Problem
The goal of the key distribution problem is to safely change the keys so that communications are only read by those who are intended to see them.
Messages were encrypted using just one encryption code in the past. But they needed to find a way to pass this key between them so that no one else could figure it out in order to communicate safely.
We now have a very advanced technology known as public-key cryptography. It makes use of two keys: a private one that is kept hidden and a public one that is freely shared. Messages can be encrypted with one key and decrypted with another.
A well-known technique that allows parties to freely distribute keys without compromising the security of their messages is the Diffie-Hellman key exchange. It is far more secure than exchanging secret codes in the past.
Now let us discuss all the problem for key exchange −
Symmetric Key Distribution
The conventional approach, known as symmetric key distribution, uses a single secret key that is shared by both sides. Before communicating, they exchange this key via a secure channel.
Public Key Distribution
With this approach, a public key and a private key are given to each users. While the private key is kept confidential, the public key is freely shared. The recipient's public key is used to encrypt messages, while their private key is used to decrypt them.
Diffie−Hellman key exchange
Based on ideas created by Ralph Merkle, Martin Hellman's PhD student, Whitfield Diffie and Hellman published the Diffie−Hellman key exchange (D−H) cryptography protocol in 1976. Users can safely exchange secret keys because of the protocol, even if someone else is keeping an eye on the communication channel. However, authentication-that is, the issue of knowing for sure the true identity of the person or "entity" on the other end of the communication channel-is not addressed by the D−H key exchange protocol on its own. Authentication is important when an adversary can track and modify messages within the communication channel (also known as man-in-the-middle or MITM attacks).
Public key infrastructure
The issue of identity authentication has been addressed with the proposal of public key infrastructures (PKIs). In their most common application, each user requests for a digital certificate from a "certificate authority" (CA) that is universally trusted. This certificate acts as an immutable means of identity verification for other users. Even in the event that the CA is hacked, the infrastructure is secure. However, a lot of PKIs offer a mechanism to revoke certificates in case such happens, making other users suspicious of them. Certificate revocation lists, against which any certificate can be compared, are often where revoked certificates are stored.
Legislation or regulations supporting PKIs have been passed in a number of nations and other jurisdictions, providing these digital certificates with some degree of legal standing.
Quantum key exchange
The use of unique features of small particles known as quantum physics in quantum key distribution makes secrets highly encrypted. These particles undergo minor modifications as we observe or quantify them.
Using this technology, an attempt to track on a discussion between two people will cause the particles to become impacted, notifying us to the possibility of an issue.
This technique only functions if Alice and Bob, the individuals, already set up a unique, secure means of communication.
Kerberos Protocol
The Kerberos protocol is a network authentication system that offers safe communication over insecure networks by using symmetric key cryptography. It distributes session keys and performs user authentication using a reliable third party called the Key Distribution Centre (KDC).
To Continue Learning Please Login