Key exchange

cryptographic protocol enabling the sharing of a secret key over an insecure channel

Key exchange is any method in cryptography by which cryptographic keys are exchanged between users, allowing use of a cryptographic system.

If two parties wish to exchange encrypted messages, each needs to know how to decrypt received messages and to encrypt sent messages. The information they require to do so depends on the encryption technique they might use. If they use a code, both will require a copy of the same codebook. If they use a cipher, they will need appropriate keys. If the cipher is a symmetric key cipher, both will need a copy of the same key. If an asymmetric key cipher with the public/private key property, both will need the other's public key.

The key exchange problem is how to exchange whatever keys or other information needed so, in such a way, that no one else can obtain a copy. Usually, this required trusted secure channel. With the arrival of (public key / private key) cipher algorithms, the encrypting key (aka, the public key) could be made public, since (at least for "high quality" ciphers) no one without the decrypting key (aka, the private key) could decrypt the message.

In principle, then, the only remaining problem was to be sure that a public key actually belonged to its claimed owner, this is not a problem easy to solve; specially when the two users involved have never met and know nothing about each other.

In 1976, Whitfield Diffie and Martin Hellman published a cryptographic protocol, (Diffie-Hellman key exchange), which allows users to establish secure channels in order to exchange keys, even if an attacker is monitoring that communication channel. However, Diffie-Hellman key exchange did not address the "identity authentication" problem of being sure of the actual identity of the person or an entity.

Public key infrastructures have been proposed go around the problem of "identity authentication". In their most usual implementation, each user applies to a "certificate authority" for a digital certificate which serves for other users as a correct (termed: non-tamperable) authentication of identity.

In contrast, the web of trust system, which do not use central "certificate authority" at all. Each user is responsible for verifying any certificate from another user before using that certificate to communicate with the user who claims to be associated with the particular public key in a certificate, (see digital signatures).

The problem of key exchange has not yet been solved. In particular, it has not yet been solved for the modern situation of two previously unknown users attempting to communicate electronically, as, for instance, in electronic commerce. Some of the existing work-around designs work, more or less, but are not fully satisfactory.

change