Cryptography Stack Exchange
Cryptography Stack Exchange

Questions tagged [key-exchange]

Key exchange protocols allow two parties to produce a secret session key over a public channel.

Key exchange protocols allow two entities to produce a secret session key over a public channel.

There is generally two types: key agreement means both entities contribute to the session key (e.g., Diffie-Hellman) while key transport means one entity generates the key and sends it to the other.

For key exchange to be (mutually) authenticated, each entity must possess a genuine copy of the other entity's public key, or they must share a secret fixed before.

664 questions
9
votes
2 answers

What asymmetric key exchange algorithms are known besides DH?

On Wikipedia, a lot of the subjects that are said to be different key exchange methods are often just protocols that incorporate the Diffie-Hellman algorithm into them. The only other key exchange algorithm I know of besides DH is Algebraic Eraser,…
Melab
  • 3,655
  • 2
  • 22
  • 44
5
votes
2 answers

Is asynchronous perfect forward secrecy possible?

DH key agreement protocols require the participation of both parties, so are only suitable for synchronous connections. Is it possible to implement PFS in a fashion usable for asynchronous protocols, like e-mail, or storage? I'm intuitively…
David
  • 334
  • 2
  • 9
4
votes
1 answer

Why would you ever need Key exchange algorithms, when you can use public key encryption?

Key exchange algorithms make it possible to establish a shared secret key. But isn't a shared secret always just as powerful as each party creating a public/private key pair and sending each other their public key, and using that for exchanging…
hgiesel
  • 141
  • 5
4
votes
2 answers

Why is (gy, gx) signed in STS (station-to-station)?

My question relates to the station-to-station protocol as described in https://en.wikipedia.org/wiki/Station-to-Station_protocol [1] and http://cacr.uwaterloo.ca/hac/ [2] p 519. (1) Alice → Bob : gx (2) Alice ← Bob : gy, EK(SB(gy, gx)) (3) Alice →…
Frans Lundberg
  • 375
  • 1
  • 7
3
votes
0 answers

XDH vs DH and ECDSA vs EDDSA

I am new to security area. I came across mutiple words I can't understand and there is little infomration I can get from google. What is XDH/XEC, is the X means 'enhanced'? Are they just have a different way of generating key pair? According to…
Nick Allen
  • 131
  • 2
3
votes
1 answer

Why does dragonfly key exchange need hunting and pecking?

The dragonfly key exchange scheme (as used by WPA3) received criticism because the way it chooses a generator of the elliptic curve group ('hunting and pecking') is a non-constant time algorithm making it vulnerable to side-channel attacks. My…
omgold
  • 33
  • 3
3
votes
3 answers

Multi-party key agreement

I have done a google search for "multi-party key agreement", and there doesn't seem to be anything more recent than about 2005. Are there any practical multi-party key agreement protocols known? To be more precise, I want a protocol which: Allows…
Martin Bonner supports Monica
  • 266
  • 2
  • 11
3
votes
0 answers

Can I get an explanation of HDCP's key exchange protocol?

I'm talking about HDCP v1.x. The specification is a too dense for me and easy-to-understand information about it on the net is scarce. What I've gathered is: that there is a master key that is a 40-by-40 matrix of 56-bit values. each device that is…
Melab
  • 3,655
  • 2
  • 22
  • 44
3
votes
2 answers

How to extract an AES key which resides in a TR-31 keyblock

I have a version D TR-31 keyblock (which contains an AES Key for use in CMAC), and have the ZCMK key used, what is the method which I can use to extract the key from the TR-31 keyblock? I'll do my own development.
Manuel Alcala
  • 31
  • 2
2
votes
1 answer

Intuitive explanation for key exchange with public/private keys

I want to teach some people about crypto basics, and one of the topic will be key exchange with a public and private keys. The audience is made of people working in InfoSec, but mostly junior fresh out of school. I am looking for a…
Potatoes613
  • 21
  • 2
2
votes
2 answers

How to exchange keys despite a MITM, using some short known password?

The simple scenario is two devices on one WiFi network sitting side by side. The user can copy a short code from one device to the other to be the "password" however this code can't be too long. Let's assume it's at most 12 decimal digits. The…
ispiro
  • 2,005
  • 2
  • 18
  • 29
2
votes
1 answer

Fair exchange vs Exchange of secrets

I have started reading "How to Exchange Secrets with Oblivious Transfer" (PDF) "On the impossibility of fair exchange without trusted parties" (PDF) I found the abstract of those these two work to be contraddicting. Are we saying that exchange of…
graphtheory92
  • 773
  • 5
  • 14
2
votes
3 answers

Secret key agreement by public discussion from common information

There is a paper: U. M. Maurer, Secret key agreement by public discussion from common information, IEEE Trans. Inf. Theory, 39(3) 733-742 of 1993, with an IMHO fairly impressive title but having apparently for some unknown reasons been hithertofore…
Mok-Kong Shen
  • 1,312
  • 1
  • 11
  • 15
2
votes
1 answer

Exchanging keys via third party

In many symmetric key ciphers sender and receiver have to exchange a single key. They may also do it through 3rd party who distributes it to both of them. since 3rd party can read all messages exchanged between them It can have disastrous impact on…
CuriousCurie
  • 103
  • 5
2
votes
1 answer

Mutual authorization using a pre-shared key

I'd like for two machines on a network to be able to prove to each other that they both have knowledge of a pre-shared secret, without revealing the secret to each other. Let's assume that all traffic over the connection between the parties, A and…
Kira
  • 21
  • 3
1
2 3