概念定义:
Key Exchange (also key establishment) is a method in cryptography by which cryptographic keys are exchanged between two parties, allowing use of a cryptographic algorithm.
密钥交换技术(即为密钥建立的概念)指的是在两方之间使用密码学算法建立一个会话密钥。
Key Agreement: In cryptography, a key-agreement protocol is a protocol whereby two or more parties can agree on a key in such a way that both influence the outcome. If properly done, this precludes undesired third parties from forcing a key choice on the agreeing parties. Protocols that are useful in practice also do not reveal to any eavesdropping party what key has been agreed upon.
密钥协商技术是一种协议允许两个或者多方协商一个密钥,这个密钥需要所有的参与方影响然后生成,密钥协商技术的范围应该算是更宽一些,特别是突出表现所有人都要能够影响密钥协商的结果属性。
Key distribution:
In symmetric key cryptography, both parties must possess a secret key which they must exchange prior to using any encryption. Distribution of secret keys has been problematic until recently, because it involved face-to-face meeting, use of a trusted courier, or sending the key through an existing encryption channel. The first two are often impractical and always unsafe, while the third depends on the security of a previous key exchange.
In public key cryptography, the key distribution of public keys is done through public key servers. When a person creates a key-pair, they keep one key private and the other, known as the public-key, is uploaded to a server where it can be accessed by anyone to send the user a private, encrypted, message.
密钥分发技术在对称加密和公钥加密技术领域有不同的应用,在对称密码技术中密钥分发通过使用面对面的传送、可信第三方、或者可信加密信道来传送会话密钥。在公钥密钥技术中所有参与者一般将自己的公钥发送到服务器上,允许其他的所有人下载该公钥然后进行加密。
Key management:refers to management of cryptographic keys in a cryptosystem. This includes dealing with the generation, exchange, storage, use, crypto-shredding (destruction) and replacement of keys. It includes cryptographic protocol design, key servers, user procedures, and other relevant protocols.
第二种辨析:
Key Exchange 可翻译为“密钥交换”,指为了通信参与方之间建立安全信道(会话密钥),必须交换信道生成算法、材料、参数等相关信息。
Key Agreement 可翻译为“密钥协商”,指通信参与方之间通过协商安全信道建立算法、材料、参数等信息建立安全信道(会话密钥)。
在最早的对称密码领域,即通信参与方之间需要首先交换用于加密和解密的对称密钥之后,各参与方才能使用这些密钥对明文消息进行加密和解密实现安全通信。此时密钥交换的结果是由发送方或者接受方单方面决定的。这也是对称密码领域下的“密钥交换”面临最大的问题。
公钥密码学被创立后,加密和解密变成了双密钥机制,即采用公钥进行加密,私钥进行解密。密钥交换随之也有相应的变化。最为简单的方式为,通信双方只要交换各自的公钥,即可获得两方安全通信信道(会话密钥)。此时密钥交换的最终结果是由参与方共同决定的(此时本质为协商)。
密钥管理主要对密码学系统的密钥进行管理,包括密钥生成、交换、存储,密钥分发等功能。
辨析概念:
最近5年美密、欧密、亚密、PKC、TCC上关于密钥协商、交换、管理的论文如下:
美密2021:
KHAPE: Asymmetric PAKE from Key-Hiding Key Exchange :两方密钥交换
Meet-in-the-Middle Attacks Revisited: Key-recovery, Collision, and Preimage Attacks
Authenticated Key Exchange and Signatures with Tight Security in the Standard Model:两方密钥交换
美密2020:
Leakage-Resilient Key Exchange and Two-Seed Extractors
Universally Composable Relaxed Password Authenticated Key Exchange
美密2019:
Highly Efficient Key Exchange Protocols with Optimal Tightness
美密2018:
Towards bidirectional ratcheted key exchange
Practical and Tightly-Secure Digital Signatures and Authenticated Key Exchange
On Tightly Secure Non-Interactive Key Exchange
美密2017:
Ratcheted Encryption and Key Exchange: The Security of Messaging
欧密2021:
Tightly-Secure Authenticated Key Exchange, Revisited
欧密2020---欧密2019:
无
欧密2018:
Fuzzy Password-Authenticated Key Exchange
Bloom Filter Encryption and Applications to Efficient Forward-Secret 0-RTT Key Exchange
欧密2017:
0-RTT Key Exchange with Full Forward Secrecy
TCC2021:
Grafting Key Trees: Efficient Key Management for Overlapping Groups
Towards Tight Adaptive Security of Non-Interactive Key Exchange
TCC2020:
Continuous Group Key Agreement with Active Security
TCC2019:
A Black-Box Construction of Fully-Simulatable, Round-Optimal Oblivious Transfer from Strongly Uniform Key Agreement
TCC2018:
Information-Theoretic Secret-Key Agreement: The Asymptotically Tight Relation Between the Secret-Key Rate and the Channel Quality Ratio
TCC2017:
无
PKC2021:
无
PKC2020:
Generic Authenticated Key Exchange in the Quantum Random Oracle Model
Privacy-Preserving Authenticated Key Exchange and the Case of IKEv2
Limits on the Efficiency of (Ring) LWE based Non-Interactive Key ExchangePKC2019:
PKC2019:
Non-Interactive Keyed-Verification Anonymous Credentials
PKC2018--PKC2017:
无
亚密2021:
Symmetric Key Exchange with Full Forward Security and Robust Synchronization
Modular Design of Role-Symmetric Authenticated Key Exchange Protocols
亚密2020:
Fuzzy Asymmetric Password-Authenticated Key Exchange
Two-Pass Authenticated Key Exchange with Explicit Authentication and Tight Security
亚密2019:
Strongly Secure Authenticated Key Exchange from Supersingular Isogenies
亚密2018:
Towards practical key exchange from ordinary isogeny graphs
亚密2017:
无
Key Exchange/Agreement/Distribution/Transmit 的区别
如下图所示:
最值得注意的是key exchange 虽然在下图出现了多次,但是却代表不同的含义,在第二栏中key exchange 表示密钥协商、建立的概念,包括对称、公钥密钥协商以及两方多方密钥协商。但是在第四栏中,各种论文中key exchange特指两方密钥交换,如在英文表达中两方密钥交换、协商就是Key exchange不能写作two party key agreement。key agreement 只是概念上的描述与key Transport 概念相对比,如果特别需要突出密钥协商请加上相关定语,例如非对称群要密钥协商AGKA。在汉语表达中均可成为密钥协商,但是最好在论文和材料中著名其英文含义与对比,更加严谨。
294
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
