Cryptographic Keys 6.1

Question 1

The Key is the Key

Answer 1

Cryptography isn’t a new science. The algorithm is a known entity. What isn’t know is the key. The key determines the output. Encrypted data, hash value, and digital signature. These are the critical pieces to keep protected.

Question 2

Key Strength

Answer 2

Larger keys tend to be more secure simply because there is a greater possibility of key combinations. Symmetric keys are commonly 128-bit keys but they will get larger as time goes on. Asymmetric encryption uses complex calculations of prime number. Larger keys than symmetric encryptions, common to see keys lengths of 3,072 bits or larger.

Question 3

Key Exchange

Answer 3

Transfer out of band (not on the internet). It’s not always practical. We protect a symmetric key by adding additional encryption, usually asymmetric encryption.

Question 4

Real-Time Encryption/Decryption

Answer 4

There is a need for fast security without compromising the security. You send they symmetric key through asymmetric encryption; private/public key, and then continue to use the symmetric key. It’s best practice to change the session keys at least once or multiple times a day. These are called ephemeral keys.