- Key generation
Key generation is the process of generating keys for
cryptography . A key is used to encrypt and decrypt whatever data is being encrypted/decrypted.Modern cryptographic systems include
symmetric-key algorithm s (such as DES and AES) and public-key algorithms (such asRSA ). Symmetric-key algorithms use a single shared key; keeping data secret requires keeping this key secret. Public-key algorithms use apublic key and aprivate key . The public key is made available to anyone (often by means of adigital certificate ). A sender will encrypt data with the public key; only the holder of the private key can decrypt this data.Since public-key algorithms tend to be much slower than symmetric-key algorithms, modern systems such as TLS and SSH use a combination of the two: one party receives the other's public key, and encrypts a small piece of data (either a symmetric key or some data that will be used to generate it). The remainder of the conversation uses a (typically faster) symmetric-key algorithm for encryption.
In computer cryptography keys are integers. In some cases keys are randomly generated using a
random number generator (RNG) orpseudorandom number generator (PRNG), the latter being acomputer algorithm that produces data which appears random under analysis. Of the PRNGs those which use system entropy to seed data generally produce better results, since this makes the initial conditions of the PRNG much more difficult for an attacker to guess. In other situations, the key is created using apassphrase and a "key generation algorithm", usually involving acryptographic hash function such asSHA-1 .The simplest method to read encrypted data is a
brute force attack —simply attempting every number, up to the maximum length of the key. Therefore, it is important to use a sufficiently longkey length ; longer keys take exponentially longer to attack, rendering a brute force attack impractical. Currently, key lengths of 128 bits (for symmetric key algorithms) and 1024 bits (for public-key algorithms) are common.ee also
*
Distributed key generation : For some protocols no party should be in the sole possession of the secret key. Rather, during "distributed key generation" every party obtains a share of the key. Athreshold of the participating parties need to cooperate in order to achieve a cryptographic task, such as decrypting a message.
Wikimedia Foundation. 2010.