Questions tagged [key-exchange]

For questions relating to protocols for distributing public keys, and / or establishing session keys with another party. Examples of key exchange protocols include Diffie-Hellman and IKE.

A key exchange protocol is a method to construct and distribute a key among several parties, protecting it from malicious parties. A key exchange is often conducted soon after establishing a communication channel in order for the parties to agree on a session key.

Some examples of key exchange protocols are:

diffie-hellman Diffie-Hellman, which allows the same key to be built by two communicating parties, without revealing the key to an attacker who can eavesdrop on the communication.
PAKE, offered by various network protocols.
ike IKE, the protocol to set up a security association for ipsec IPsec.

299 questions

votes

5 answers

Can we trust onetimesecret?

Alice: I need the file Bob: Sure, and I want to encrypt it first. Please put the strong PGP symmetric key with the copy&paste method to https://onetimesecret.com/ and send me the link. Alice. Done, the URL is xxxxxxxx Bob: Very funny, the link is…

key-exchange

asked Apr 27 '18 at 04:34

Manuel Rodriguez

votes

0 answers

Can SRP be implemented using libsodium

I am using libsodium for cryptography and I want to use SRP for key exchange. The wikipedia page lists a python example, but I am not sure if and how I could convert this to libsodium function calls. Is it possible or would I need to implement some…

key-exchange

asked Dec 19 '15 at 14:17

Nathan

votes

2 answers

Purpose of key confirmation

Among the requirements for a secure key exchange is the key confirmation. I wonder why is this step required. Even if the other party hasn't computed a correct value for the shared secret, it doesn't matter. It won't be able to decipher the…

key-exchange

asked Nov 08 '13 at 11:31

elena

votes

1 answer

What's the purpose of anonymous Diffie-Hellman key exchange + verification?

I attended a lecture where a procedure for solving the problem of passive attackers being able to gain knowledge about the identities of communication partners using an authenticated Diffie-Hellman key exchange was presented. The solution looks like…

key-exchange

asked Sep 28 '17 at 19:48

UTF-8

2,340
1
11
24

votes

2 answers

Key distribution and key exchange for simple secure FTP implementation

I'm developing a simple secure file transfer protocol for a University project using openssl. I have a Client (let be C) and a Server (let be S). C will send to S messages like get, put, cd, … and S will send paths or files depending on which…

key-exchange

asked Jun 09 '13 at 15:03

Edge7

votes

1 answer

Picking exponents for Diffie-Hellman

I'm taking a class on Cryptography and the professor mentioned that given mod N and base g with a certain order, you should pick powers m and n such that they create a certain property with the order of g. I wasn't completely sure of what he said…

key-exchange

asked Apr 10 '13 at 17:47

J Queen

votes

1 answer

How does "Key Transparency" work?

A few days ago, Google published Key Transparency to solve the problem of verifying the key fingerprints of e.g. your chat partners. Unfortunately, I don't really understand how Key Transparency works. Can someone explain it in simple words or with…

key-exchange

asked Jan 22 '17 at 21:51

Aliquis

votes

1 answer

Key Exchange algorithm to be used for REST framework

I was required to create key exchange module for custom Rest framework which supports document level security in REST requests. Framework has its own security module which allows to encrypt parameter entities in rest request when keys available. I…

key-exchange

asked Dec 31 '13 at 07:27

egaweh

votes

2 answers

does a public key work with all encrypted programs

let us say, I use program "x" for my e-mail security. through them I have a public key and a private key. My friend uses program "y" for their e-mail security and consequentially have a public key and a private key. The question is when I use my…

key-exchange

asked Dec 30 '13 at 00:52

saad Sobhy

votes

0 answers

Any facts that users’ secret key is stolen on some group?

I am wondering whether some severe accidents due to sharing a secret key exist in real world. A group of users or a company typically share a secret key to decrypt some shared encrypted data possibly stored on cloud storage. However, each user has…

key-exchange

asked Apr 30 '18 at 13:05

mallea

votes

2 answers

Public key distribution through a file sharing service

Would you trust a reputedly secure file sharing service for public key distribution? In my context, I cannot use certificates. Key servers seem to require PGP/GPG formats yet I'm using Microsoft CngKey format in my app, hence this question.

key-exchange

asked Jan 07 '17 at 01:31

Frank