Key exchange
Adapted from Wikipedia
Key exchange is a method used in cryptography that lets two people share special secret codes, called cryptographic keys, with each other. This helps them use a cryptographic algorithm to keep their messages safe from others who might try to read them.
When two people want to send secret messages to each other, they need to have the right tools to lock (encrypt) and unlock (decrypt) those messages. The tools they need depend on what kind of secret code they use. If they use a simple list of codes, called a codebook, both people need a copy of that list. If they use a special kind of lock called a cipher, they need special keys to make it work.
If the cipher they use is called a symmetric key cipher, both people need the exact same key. But if they use something called an asymmetric key cipher, they each have two keys: one public key that they share with others, and one private key that they keep secret. In this case, they need each other's public keys to start their secure conversation.
Channel of exchange
Key exchange can happen in two ways: in-band or out-of-band. In-band means the keys are sent through the same channel used for regular communication. Out-of-band means the keys are sent through a different, separate channel. Both ways have the same goal: keeping messages between two people or devices safe and secure.
The key exchange problem
The key exchange problem is about finding safe ways for two people to share a secret key so they can send encrypted messages to each other. Before public-key cryptography was invented, people used symmetric-key cryptography, which needs the same secret key for both sending and receiving messages. This meant the two parties had to find a safe way to share this key, like using trusted couriers or secure communication channels, which could be difficult and risky.
Public-key cryptography solved this by using two keys: a public key that can be shared openly with anyone, and a private key that only the owner keeps. This way, people can exchange keys safely over the internet. One famous method is the Diffie-Hellman key exchange, which lets two people create a shared secret key even if someone is watching their communication. However, this method does not guarantee that the person on the other end is who they say they are, which is why additional steps are needed to verify identities.
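The Diffie-Hellman exchange described above, as an added Python example that is not part of the original article: two sides swap public values in-band, derive the same key, and then compare a short fingerprint over a separate (out-of-band) channel to check that the values were not swapped on the way. The numbers P and G, the function names, and the fingerprint check are assumptions chosen for illustration; P is far too small for real use.

```python
import hashlib
import hmac
import secrets

# Toy parameters (assumption, illustration only): 2**127 - 1 is prime but far too
# small for real use. Real systems use standardized 2048-bit+ groups or X25519.
P = 2**127 - 1
G = 3

def keypair():
    """Return (private, public). The private value never leaves its owner."""
    priv = secrets.randbelow(P - 3) + 2          # random value in [2, P-2]
    return priv, pow(G, priv, P)

def shared_key(my_priv, their_pub):
    """Turn the Diffie-Hellman shared value into a 32-byte symmetric key."""
    if not 1 < their_pub < P - 1:                # reject trivial public values
        raise ValueError("public value out of range")
    secret = pow(their_pub, my_priv, P)
    return hashlib.sha256(secret.to_bytes(16, "big")).digest()

def fingerprint(pub_a, pub_b):
    """Short digest of both public values, meant to be compared out-of-band."""
    data = pub_a.to_bytes(16, "big") + pub_b.to_bytes(16, "big")
    return hashlib.sha256(data).hexdigest()[:16]

def exchange(substitute=False):
    """Run one exchange between sides A and B.

    With substitute=True (constructed scenario) the in-band channel delivers
    a third party's public value to both sides instead of the real ones.
    Returns (keys_match, fingerprints_match).
    """
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    seen_by_a, seen_by_b = b_pub, a_pub          # what each side receives
    if substitute:
        _, other_pub = keypair()
        seen_by_a = seen_by_b = other_pub
    key_a = shared_key(a_priv, seen_by_a)
    key_b = shared_key(b_priv, seen_by_b)
    # Each side fingerprints (A's value, B's value) as it saw them.
    fp_a = fingerprint(a_pub, seen_by_a)
    fp_b = fingerprint(seen_by_b, b_pub)
    return hmac.compare_digest(key_a, key_b), fp_a == fp_b
```

When the values are swapped, nothing in the math itself raises an error; only the fingerprint comparison over the separate channel shows that the two sides did not receive each other's real public values.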
This article is a child-friendly adaptation of the Wikipedia article on Key exchange, available under CC BY-SA 4.0.
Safekipedia