Authenticated Key Exchange

See also: Key-agreement protocol and Password-authenticated key agreement

Authenticated Key Exchange (AKE), Authenticated Key Agreement (AKA) or Authentication and Key Establishment (AKE) is the exchange or creation of a session key in a key exchange protocol which also authenticates the identities of parties involved in key exchange.[1] AKE typically occurs at the beginning of a communication session.[2] Features of AKE protocols include determination of which keys already exist and can be used, how new keys will be generated, and how many users the protocol is applicable to.[2]

AKE protocols make use of long term keys that exist prior to the protocol, and session keys, which are typically symmetric keys established during the execution of the protocol.[2] AKE protocols can be divided into four categories, based on the different types of long term keys used:[2]

  1. Pre-shared keys
  2. Public–private key pairs
  3. Identity-based keys
  4. Passwords

The use of Transport Layer Security (TLS) to secure HTTP connections is perhaps the most widely deployed AKE protocol.[3]

References

  1. ^ Diffie, W.; van Oorschot, P.; Wiener, M. (June 1992). "Authentication and authenticated key exchanges". Designs, Codes and Cryptography. 2 (2): 107–125. CiteSeerX 10.1.1.59.6682. doi:10.1007/BF00124891. S2CID 7356608.
  2. ^ a b c d Boyd, C., Mathuria, A., & Stebila, D. (2020). Protocols for authentication and Key Establishment. Springer Berlin Heidelberg.
  3. ^ Eric Rescorla (August 2018). "The Transport Layer Security (TLS) Protocol Version 1.3". Mozilla. The Internet Engineering Task Force. Archived from the original on 14 May 2021.


Stub icon

This computer security article is a stub. You can help Wikipedia by expanding it.