Thu. Jan 26th, 2023

Key exchange

What is it?

Key exchange is the process of exchanging cryptographic keys in a secure manner over an insecure medium – for example, using the Internet to exchange data.

Because key exchange takes place before encryption has been initialised (it is the required prior step), the exchange itself happens in plain text.

The steps involved are as follows:

  • Parties A and B have a common starting value
  • Party A has its own secret value, known only to A
  • Party B has its own secret value, known only to B
  • Party A takes the common starting value and ‘processes’ it with its secret value
  • Party B takes the common starting value and ‘processes’ it with its secret value
  • At this point, A and B exchange their processed values. The two processed values are currently different.
  • Once the exchange has taken place, A and B each process the newly received value with their own secret value. This results in both A and B now possessing the same value – the key for communication between them.

The result is that both parties hold the same key, which allows symmetric encryption, without the key having been revealed at any point.
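The steps above, carried through as classic Diffie-Hellman over a prime modulus (the scheme linked under Further Reading). This is an added example, not code from the original page; the parameters P and G, the function names, the range check on received values and the SHA-256 key derivation are assumptions made for illustration.

```python
import hashlib
import secrets

# Constructed demo parameters (assumption, not from the page): the common
# starting value is a prime modulus P and a base G. P is far too small for
# real use; deployments use a standardised large group or an elliptic curve.
P = 2**127 - 1
G = 3


def new_secret() -> int:
    """Pick a party's secret value in [2, P-2]; it never leaves that party."""
    return secrets.randbelow(P - 3) + 2


def process(value: int, secret: int) -> int:
    """The 'processing' step: raise value to the secret power, modulo P."""
    return pow(value, secret, P)


def check_received(value: int) -> int:
    """Reject 0, 1, P-1 and out-of-range values: they force a guessable result."""
    if not 2 <= value <= P - 2:
        raise ValueError("received value outside the valid range")
    return value


def derive_key(shared: int) -> bytes:
    """Hash the shared value into a 32-byte symmetric key (added step)."""
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()


def exchange(a=None, b=None):
    """Run the steps for parties A and B; return wire traffic and both keys."""
    a = new_secret() if a is None else a
    b = new_secret() if b is None else b
    sent_by_a = process(G, a)   # crosses the network in plain text
    sent_by_b = process(G, b)   # crosses the network in plain text
    key_a = derive_key(process(check_received(sent_by_b), a))
    key_b = derive_key(process(check_received(sent_by_a), b))
    return {"wire": (P, G, sent_by_a, sent_by_b), "key_a": key_a, "key_b": key_b}


if __name__ == "__main__":
    result = exchange()
    print("seen by an eavesdropper:", result["wire"])
    print("keys match:", result["key_a"] == result["key_b"])
```

The "wire" tuple is everything that crosses the insecure medium: the common starting value and the two processed values, never either secret or the key.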

Where is it used?

Anywhere that requires keys to be exchanged – for example, Internet communications.

Further Reading

https://en.wikipedia.org/wiki/Diffie–Hellman_key_exchange