Cryptography Stack Exchange
Cryptography Stack Exchange

Questions tagged [keys]

Private and secret keys consists of secret information used as input to various kinds of cryptographic algorithms such as encryption, signature and MAC to select the concrete transformation done by the algorithm.

Asymmetric cryptography commonly uses pairs of one private and public keys. Symmetric cryptosystems use the same secret key for all participants.

Algorithms and protocols should be designed not to leak information about the secret/private key even if the attacker can control all other input and see all output.

Suitable questions for this tag could be about key generation, key size considerations, key agreement (DH) or key derivation. Key derivation can be split into derivation from other keys (KBKDF) or from passwords (PBKDF).

Sometimes - notably in books / lectures of Dr Katz - secret keys are used in asymmetric cryptosystems while private keys are used for symmetric cryptosystems. This is however usually not the case.

885 questions
15
votes
3 answers

Where do I securely store the key for a system where the source is visible?

I have a customer with an Access database (ugh!) in which credit cards are stored in plaintext (yikes!), so amongst other changes I'm doing in the app, I'm applying some encryption in there. I've used Rijndael as the algorithm of choice, but I'm…
Rob Cowell
  • 253
  • 1
  • 6
9
votes
5 answers

Why in cryptographic schemes we always assume that the key and plaintext are independent?

Why do we always assume in cryptographic schemes that the key and plaintext are independent? What if the plaintext depends on the key? How can this endanger security? Is this assumption essential for both symmetric and asymmetric algorithms?
ssss
  • 101
  • 3
5
votes
1 answer

What is logical key hierarchy (LKH)?

The question "Virtual key generation in Logical Key Hierarchy" asks how specific keys are constructed in LKH. Since I haven't heard of it and it isn't immediately obvious (not even from the linked RFC) what it does or how, can somebody provide a…
Elias
  • 4,903
  • 1
  • 14
  • 31
5
votes
4 answers

Why does an algorithm need a keyspace?

Why does an algorithm need a keyspace? I thought the person encrypting would define his/her own key.
user25260
3
votes
1 answer

Modes for encrypting small binary blobs?

Suppose I am building an encrypted document storage system. Suppose each user has a "user key": a symmetric key. Suppose each document is encrypted with a "document key". So, in order to give a user access to a document, we store a tuple of…
David
  • 334
  • 2
  • 9
3
votes
2 answers

Can you use the same key to provide a signature and a MAC?

Apologies if this is a stupid question, but I'd be grateful if someone could provide an answer. I'm assuming that you need to use different keys to provide these functions, is that correct?
Alberto
  • 31
  • 1
2
votes
2 answers

Trustless exchange without a third party

Is there a cryptographic (or even not entirely cryptographic) way of exchanging objects between Alice and Bob that would not require a third party, and Alice and Bob would not need to trust each other? For example, Alice and Bob have Y and X objects…
Lee
  • 21
  • 1
2
votes
1 answer

Do I need two keys for AES CBC and HMAC or can I use the same key for both operations?

I am setting up a Python program to encipher messages on the following basis: -from my password, generate 32-byte key from SHA256(password) -generate a 16-byte IV from a PRNG -measure the length of the plaintext and express as 2 bytes (my plaintext…
user2256790
  • 433
  • 4
  • 12
1
vote
1 answer

How are cryptographic tokens and secret keys different?

Can someone throw light on the differences between tokens and secret keys? I understand that "tokens" are crypto artefacts "introduced" into a system by an external party in order to authenticate whereas keys can be either generated on the device…
tweet
  • 11
  • 1
1
vote
2 answers

Key generation times vs CPU load

Does the key generation time affect the CPU load in a mobile phone, an embedded device? I am searching on Google for info, but I am not fully sure that I have concluded to something.
just_learning
  • 187
  • 9
1
vote
1 answer

Key space math clarification

The following table specifies a cryptosystem based around a very simple encryption algorithm with four different plaintexts A, B, C and D (one corresponding to each row) and four different ciphertexts A, B, C and D. The encryption algorithm has five…
Michael
1
vote
1 answer

Only remember part and format of BitLocker password

I am a complete novice to the field, however I made the mistake of locking my Macbook bootcamp partition with a bitlocker password which I cannot remember entirely. There isn't much irreplaceable data on the partition, but I would like to know…
esi183
  • 11
  • 1
1
vote
1 answer

What is the purpose of key strengthening?

I recently came across this term and after some research found this article which states the following: An alternative approach, called key strengthening, extends the key with a random salt, but then (unlike in key stretching) securely deletes the…
Trey
  • 189
  • 1
  • 15
1
vote
1 answer

Encryption and decryption using multiple different keys

I want to encrypt files, wich can be decrypted and encrypted by multiple different keys. Is there any algorithm which can accomplish this? Example (Each user has a different key): User 1 encrypts a file with his key User 2 decrypts the file, adds…
Lukas T
  • 13
  • 3
1
vote
0 answers

Specifications for key management

Does anyone know of any commonly accepted or standard specifications for languages, modelling, diagramming, etc. for specifying and describing the life cycle of keys in a system? Thanks.
Mr. Stone
  • 448
  • 3
  • 7
1
2