
I know session keys are exchanged (in SSL e.g.) over public-key cryptography channels but I was wondering if there are already known algorithms/methods for exchanging session keys over a symmetric-key channel? More specifically, is it possible/feasible to e.g. exchange 128-bit AES keys over a channel already using 128-bit AES keys?

If so, where can I read about them? If not, why not? Is it not a good idea, or can it not be secured?

Possibly related: Deriving Keys for Symmetric Encryption and Authentication

mmtauqir

1 Answer


With symmetric encryption, any key exchange protocol you run inside the encrypted channel must also be secure when run in plain text, if you want perfect forward secrecy. That means you can only rely on the previously established keys for authentication (you are using authenticated encryption, right?), but not for hiding the new keys.

Diffie–Hellman key exchange is probably the simplest option. Generate random keys, exchange the public parts inside the existing channel and derive the shared secret that you can use to derive any session keys you need. On its own it is vulnerable to MitM, but if you run it inside the authenticated channel you avoid that.

Related: Why do we need asymmetric algorithms for key exchange?

otus
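The exchange the answer describes, as an added example that is not part of the original post and not taken from any library: both sides send ephemeral X25519 shares through a stand-in for the existing authenticated channel (an HMAC under the current key, which only authenticates the share and does not hide it), and the new session key is derived with HKDF. X25519 is written out from RFC 7748 so the example needs only the standard library; `mac_share`, `open_share`, `rekey` and the `"rekey v1"` label are my own names.

```python
import hashlib, hmac, secrets
P = 2**255 - 19                          # X25519 field prime (RFC 7748)
BASEPOINT = (9).to_bytes(32, "little")

def x25519(scalar: bytes, u: bytes) -> bytes:
    # Montgomery ladder from RFC 7748, stdlib-only so the example runs anywhere.
    k = bytearray(scalar); k[0] &= 248; k[31] &= 127; k[31] |= 64
    k = int.from_bytes(k, "little")
    x1 = int.from_bytes(u, "little") & ((1 << 255) - 1)
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in range(254, -1, -1):
        kt = (k >> t) & 1
        if swap ^ kt: x2, x3, z2, z3 = x3, x2, z3, z2
        swap = kt
        a, b = (x2 + z2) % P, (x2 - z2) % P
        aa, bb = a * a % P, b * b % P
        c, d = (x3 + z3) % P, (x3 - z3) % P
        da, cb = d * a % P, c * b % P
        x3, z3 = (da + cb) ** 2 % P, x1 * (da - cb) ** 2 % P
        e = (aa - bb) % P
        x2, z2 = aa * bb % P, e * (aa + 121665 * e) % P
    if swap: x2, z2 = x3, z3
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")

def mac_share(channel_key: bytes, sender: bytes, share: bytes) -> bytes:
    # Stand-in for the existing AEAD channel: the old key only authenticates the share.
    return sender + share + hmac.new(channel_key, sender + share, hashlib.sha256).digest()

def open_share(channel_key: bytes, msg: bytes, expected_sender: bytes) -> bytes:
    sender, share, tag = msg[:1], msg[1:33], msg[33:]
    expect = hmac.new(channel_key, sender + share, hashlib.sha256).digest()
    if sender != expected_sender or not hmac.compare_digest(tag, expect):
        raise ValueError("share rejected: bad MAC or reflected message")
    return share

def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes) -> bytes:
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()             # HKDF-Extract
    return hmac.new(prk, info + b"\x01", hashlib.sha256).digest()  # HKDF-Expand, 32 bytes

def rekey(channel_key: bytes) -> tuple:
    # Ephemeral X25519 run inside the channel keyed by channel_key; returns both sides' new keys.
    a_priv, b_priv = secrets.token_bytes(32), secrets.token_bytes(32)
    a_pub, b_pub = x25519(a_priv, BASEPOINT), x25519(b_priv, BASEPOINT)
    # Each side verifies the peer's share under the old key before using it.
    b_gets = open_share(channel_key, mac_share(channel_key, b"A", a_pub), b"A")
    a_gets = open_share(channel_key, mac_share(channel_key, b"B", b_pub), b"B")
    info = b"rekey v1" + a_pub + b_pub         # bind the new key to this exchange's transcript
    a_key = hkdf_sha256(x25519(a_priv, a_gets), channel_key, info)
    b_key = hkdf_sha256(x25519(b_priv, b_gets), channel_key, info)
    return a_key, b_key
```

A share whose MAC fails, or that is reflected back as if it came from the other direction, is rejected by `open_share` before any DH computation. Later compromise of `channel_key` does not reveal the new key, because the ephemeral private scalars never leave either side.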