Cryptography Stack Exchange
Cryptography Stack Exchange

Questions tagged [key-exchange]

Key exchange protocols allow two parties to produce a secret session key over a public channel.

Key exchange protocols allow two entities to produce a secret session key over a public channel.

There is generally two types: key agreement means both entities contribute to the session key (e.g., Diffie-Hellman) while key transport means one entity generates the key and sends it to the other.

For key exchange to be (mutually) authenticated, each entity must possess a genuine copy of the other entity's public key, or they must share a secret fixed before.

693 questions
90
votes
10 answers

In end-to-end encryption, doesn't the server need to be trusted?

Applications like WhatsApp use end to end encryption. WhatsApp says that only the users share a specific key and no third party can view the messages. But I do not understand how the two users agree on the shared key. It must have been transferred…
AV94
  • 1,019
  • 1
  • 8
  • 6
57
votes
2 answers

ECDSA vs ECIES vs ECDH

Recently I started studying Elliptic Curve Cryptography and I just loved it. I want to transfer some big data (like 3KB), What is the best method, ECDSA, ECIES, or ECDH (and why)? I am confused, how should I choose between ECDSA, ECIES and ECDH?
user3160055
  • 673
  • 1
  • 6
  • 4
51
votes
2 answers

Differences between the terms "pre-master secret", "master secret", "private key", and "shared secret"?

Both crypto.SE and security.SE have excellent Q&As about how TLS generates session keys (I have linked some at the bottom). In reading these threads I'm having troubles with terminology since the following terms seem to be used with overlapping…
Mike Ounsworth
  • 3,717
  • 1
  • 20
  • 29
51
votes
5 answers

Can one generalize the Diffie-Hellman key exchange to three or more parties?

Does anyone know how to do a Diffie-Hellman or ECDH key exchange with more than two parties? I know how to do a key exchange between 2 parties, but I need to be able to have a key agreement between 3 or more parties.
hobeau
  • 863
  • 1
  • 10
  • 11
35
votes
7 answers

Is Diffie-Hellman mathematically the same as RSA?

Is the Diffie-Hellman key exchange the same as RSA? Diffie Hellman allows key exchange on a observed wire – but so can RSA. Alice and Bob want to exchange a key – Big brother is watching everything. Bob makes a fresh RSA key pair and sends his…
joe armstrong
34
votes
1 answer

Does the generator size matter in Diffie-Hellman?

For the Diffie-Hellman protocol I've heard that the generator 3 is as safe as any other generator. Yet, 32-bit or 256-bit exponents are sometimes used as generators. What is the benefit of using these very large generators if they are just as safe…
jnm2
  • 582
  • 5
  • 11
33
votes
3 answers

How can I make sure non-open source programs are really using end-to-end encryption?

Without going deep into math, is there a way to make sure that non-open source programs like WhatsApp, FaceTime, Zoom, etc. are really using end-to-end encryption instead of just 'regular encryption' (i.e. the server has the cryptographic keys)?
Fulalas
  • 431
  • 4
  • 5
31
votes
2 answers

How does one verify a GPG/PGP key revocation?

After revoking a key and sending the revocation to MIT's keyserver, I noticed that the key is listed as such: pub 2048R/XXXXXXXX 2011-01-01 *** KEY REVOKED *** [not verified] Who is responsible for the 'verification of the revocation'? Does the…
earthmeLon
  • 440
  • 6
  • 12
28
votes
5 answers

What is the post-quantum cryptography alternative to Diffie-Hellman?

Post-quantum cryptography concentrates on cryptographic algorithms that remain secure in the face of large scale quantum computers. In general, the main focus seems to be on public-key encryption algorithms and public-key signature algorithms - but…
Nakedible
  • 1,460
  • 11
  • 15
28
votes
1 answer

Multi-party encryption algorithm

To give some foreground information: I acknowledge that I am a cryptography newb and not by any means an expert (and probably never will be). In a recent CS class we had several assignments writing and implementing RSA and Diffie-Hellman. It was fun…
Nikole
  • 383
  • 1
  • 3
  • 4
26
votes
4 answers

What makes Quantum Cryptography secure?

This is my current understanding of how Quantum Cryptography works: (The first bit is Quantum Key Distribution) Alice sends a beam of photons to Bob through a quantum channel such as an optical fiber. Each of these photons represent a bit of…
lal lal
  • 373
  • 3
  • 7
19
votes
2 answers

Is there any SRP-like key exchange only using "standard" cryptographic primitives?

I am looking into PAKEs (password-authenticated key exchanges), and it seems like SRP (Secure Remote Password) is essentially the de-facto standard. However, implementing SRP actually requires doing modular arithmetic, and is similar to, say,…
ithisa
  • 1,111
  • 1
  • 10
  • 23
19
votes
1 answer

Why do we need Diffie Hellman?

Diffie–Hellman offers secure key exchange only if sides are authenticated. For authentication, sides are using public/private key. So if side A knows the public key of the side B, then A can simply use that key to encrypt the message (or the new…
piotrek
  • 293
  • 2
  • 7
18
votes
2 answers

Is HTTPS secure if someone snoops the initial handshake?

Let's say I'm on an open wireless network that's being actively sniffed and I connect to an HTTPS site. Even though my subsequent traffic is encrypted, couldn't the sniffer use the data from the initial (non-secure) handshake to decrypt my…
user319
  • 183
  • 1
  • 4
17
votes
1 answer

Curve25519 over Ed25519 for key exchange? Why?

I've been reading up on the Signal Protocol (in this PDF) and it seems to be using Curve25519 for ECDH and EdDSA (with Ed25519) for signatures. My question is why not use only Ed25519? This implementation supports Ed25519 and key exchange so what is…
OughtToPrevail
  • 374
  • 4
  • 17
1
2 3
45 46