In cryptology, a key is a piece of information that parameterizes a cryptographic algorithm and thus controls it.
In the simplest case, most symmetric methods of classical cryptography, a password that is used to encrypt a plaintext and thus obtain a ciphertext. Conversely, this password is again needed as a key in order to regain the plaintext from the ciphertext by decryption. In modern, computer-based symmetric and asymmetric methods, on the other hand, the key is a sequence of bits.
In many cases, especially in the case of machine keys, a distinction is made between two partial keys. First, the daily key, which remains valid for a certain period of time, often for a day. And secondly, the spell key (also known as the “outer key”), which changes for each individual message. Both together form the cryptographically effective key.
Particular attention should be paid to so-called weak keys. Ideally, when developing an encryption algorithm, care should always be taken to ensure that there are no weak keys. However, even relatively modern methods, such as the Data Encryption Standard (DES), which was widely used for several decades towards the end of the 20th century, are not entirely free of such weaknesses. An extreme case of a weak key would be to choose a shift of 26 letters for Caesar encryption. In this case, the ciphertext would be equal to the plaintext, i.e. unencrypted.
---
Keys in symmetric methods
In symmetric methods, i.e. in all classical methods of cryptography and also in modern algorithms such as the Data Encryption Standard (DES) or its successor, the Advanced Encryption Standard (AES), both communication partners use the same (secret) key for both encryption and decryption. While classical methods, in which the text has to be encrypted (i.e. encrypted and/or decrypted) by hand, almost always use a password as a key, the key in modern, i.e. computer-based, symmetric methods usually consists of a sequence of bits. The security of a method depends not only on the algorithm itself but also on the key length. If an attack is found against a procedure that is more efficient than the brute force method, trying out all possible keys, the procedure is considered broken. In the case of a secure procedure, the length of the key directly indicates the level of security.
Keys in asymmetric methods
Asymmetric methods, such as the RSA cryptosystem, use key pairs consisting of a public key and a private key. The public key is not secret, it should be known to as many other users as possible, for example by distributing it via key servers. It can be used to carry out public operations, i.e. to encrypt messages or verify digital signatures. It is important that a public key can be uniquely assigned to a user. If this is not the case, for example, if a message is encrypted with another user’s public key, they can read the message even though it was not intended for them. In order to be able to name keys easily, a fingerprint is used, a short hash value that uniquely identifies a key. Another option is key certification, where a key is authenticated by a trusted entity for others to see. One such system for issuing, distributing, and verifying digital certificates that include a public key is called public key infrastructure.
Image by Sectigo
To decrypt a ciphertext or sign a message, the private key is required. In contrast to symmetric methods, in which several users share a secret key, in asymmetric methods only one user has the private (secret) key. This circumstance makes it possible to unambiguously assign a signature to a user. Therefore, it is fundamental that the private key cannot be derived from the public key.
Tagged With columnjkf