Key Management System
A key management system manages the cryptographic keys in a cryptosystem: it deals with the generation, exchange, storage, use, crypto-shredding (destruction) and replacement of keys. It includes cryptographic protocol design, key servers, user procedures, and other relevant protocols.
Key management concerns keys at the user level, either between users or between systems. This is in contrast to key scheduling, which typically refers to the internal handling of keys within the operation of a cipher.
Types of Encryption Keys
Symmetric Keys: Data-at-Rest
In symmetric key cryptography, the same key is used to both encrypt and decrypt the data. This form of encryption is used primarily to protect data at rest. An example would be encrypting sensitive data into ciphertext while it is stored in a database and decrypting it back to plaintext when an authorized user accesses it.
Asymmetric Keys: Data-in-Motion
Asymmetric keys are a pair of keys for the encryption and decryption of the data. Both keys are related to each other and created at the same time. They are referred to as a public and a private key:
- Public Key: this key is used to encrypt data and can be given out freely, because it can only encrypt data, not decrypt it.
- Private Key: this key decrypts the data that its counterpart, the public key, has encrypted. It must be safeguarded, as it is the only key that can decrypt that data.
Asymmetric keys are primarily used to secure data-in-motion. An example might be a virtual private network (VPN) connection. With a VPN:
- An AES symmetric session key is used to encrypt the data
- A Public Key is used to encrypt the session key
- Once the encrypted data is received, the Private Key is used to decrypt the session key
- The decrypted session key is then used to decrypt the data
Key Exchange
For any secured communication, users must set up the details of the cryptography. In some instances this may require exchanging identical keys (in the case of a symmetric key system). In others it may require possessing the other party's public key. While public keys can be openly exchanged (their corresponding private key is kept secret), symmetric keys must be exchanged over a secure communication channel. Formerly, exchange of such a key was extremely difficult, and was greatly eased by access to secure channels such as a diplomatic bag. Clear text exchange of symmetric keys would enable any interceptor to immediately learn the key, and with it any data encrypted under that key.
Key Storage
Keys must be stored securely, and various techniques are in use to do so. Likely the most common is that an encryption application manages keys for the user and depends on an access password to control use of the key. Similarly, smartphone key-less access platforms keep all identifying door information off mobile phones and servers and encrypt all data; just as with low-tech keys, users give codes only to those they trust.