Table of Contents Categories
  Encyclosphere.org ENCYCLOREADER
  supported by EncyclosphereKSF

Key (cryptography)

From Citizendium - Reading time: 3 min
This article is a stub and thus not approved.
 Main Article
 Discussion
Related Articles  [?]
Bibliography  [?]
External Links  [?]
Citable Version  [?]
 
https://en.citizendium.org/wiki/index.php?title=Key_(cryptography)&printable=yes
This editable Main Article is under development and subject to a disclaimer.

In cryptography, a key is some set data which, in combination with a cryptographic algorithm, introduces or removes the concealment applied to plaintext or taken to ciphertext. This discussion deals with the nature of keys (e.g., binary strings of length , text phrases), the basis of generating good and bad keys, the types of keys (e.g., session key, key distribution key, public key, key generating key)

Key management is a related but separate discipline of secure distribution of keys and entering them into cryptosystem, as well as technical administration practices such as authentication#authenticating keys, revoking keys, and parameterizing session-level key changes.

Characteristics of keys[edit]

Modern keys, which are directly compatible with cryptosystems, are binary strings. When needed for human readability, they are, most commonly, represented in hexadecimal.

Key length[edit]

The most essential attribute of a binary key is its length in bits. Different cryptosystems can provide better or worse security with a key of the same length, but, in general, a key that offers any appreciable level of security will be at least 256 bits long.

Key period[edit]

If a key changes frequently, it may be shorter than one that changes less frequently. A key that is used only for specialized, small-volume functions, such as key distribution keys, conceptually could be shorter because so little traffic is encrypted with it. In practice, the specialized keys have a long period and cover extremely sensitive functions, so the computational overhead of a long key can well be justified; a 1024-bit key distribution key might be used to distribute 256-bit secret keys, from which 64-bit session keys might be generated.

Bad keys[edit]

Within the constraints of its length, a key should not have a strong pattern such as all ones or all zeroes. Certain other patterns also are unwise, such as a repeated 8-bit pattern corresponding to an ASCII character. In fact, using any ASCII text is a bad idea because the top bits of every byte are zero, a highly undesirable characteristic in a key.

Text in any human language and any character set makes a poor key because it is partly predictable. When a key must be generated from text a human can remember, normal practice is to apply a cryptographic hash to the text before using it as a key. The passphrases (not just passwords) used for this must be long; estimates of the entropy of normal English text run about one bit per character, which means that to get a strong n-bit key, you need about n characters in the passphrase.

Persistent keys[edit]

Persistent keys are commonly managed by key distribution mechanisms. Depending on the application, some keys are public with respect to some community, while others must be kept secret. A subset of keys that must be kept secret are private keys, which imply the existence of an associated public key.

Transient keys[edit]

Transient keys, often referred to as session keys, are generated by operating cryptosystems, have short lifetimes, and are not entered into a formal key management system. The particular cryptosystem will have mechanisms for secure agreement on transient keys among parties to the communication. One common method is the Diffie-Hellman key agreement protocol.

References[edit]

Licensed under CC BY-SA 3.0 | Source: https://citizendium.org/wiki/Key_(cryptography)
16 views | Status: cached on September 15 2024 04:03:45
↧ Download this article as ZWI file
Encyclosphere.org EncycloReader is supported by the EncyclosphereKSF