Shared secret

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Wavelength (talk | contribs) at 03:17, 7 September 2013 ("in to" (adverb and preposition) —> "into" (preposition)—wikt:inwikt:towikt:into—http://public.wsu.edu/~brians/errors/into.html—User talk:Wavelength, sections 37 and 39 and 41 (to Archive 5)). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

For methods where a secret is divided into several parts, see secret sharing.

In cryptography, a shared secret is a piece of data, known only to the parties involved, in a secure communication. The shared secret can be a password, a passphrase, a big number or an array of randomly chosen bytes.

The shared secret is either shared beforehand between the communicating parties, in which case it can also be called a pre-shared key. Or it is created at the start of the communication session by using a key-agreement protocol, for-instance using public-key cryptography such as Diffie-Hellman or using symmetric-key cryptography such as Kerberos.

The shared secret can be used for authentication (for instance when logging into a remote system) using methods such as challenge-response or it can be fed to a key derivation function to produce one or more keys to use for encryption and/or MACing of messages.

To make unique session and message keys the shared secret is usually combined with an initialization vector (IV). An example of this is the derived unique key per transaction method.

It is also often used as an authentication measure in APIs.[1]

See also

Notes

  1. ^ http://developer.yahoo.com/oauth/guide/oauth-auth-flow.html

References

Retrieved from "https://en.wikipedia.org/w/index.php?title=Shared_secret&oldid=571867441"