See also: Key-agreement protocol and Password-authenticated key agreement
This article provides insufficient context for those unfamiliar with the subject. Please help improve the article by providing more context for the reader.(April 2021) (Learn how and when to remove this message)
Authenticated Key Exchange (AKE), Authenticated Key Agreement (AKA) or Authentication and Key Establishment(AKE) is the exchange or creation of a session key in a key exchange protocol which also authenticates the identities of parties involved in key exchange.[1] AKE typically occurs at the beginning of a communication session.[2] Features of AKE protocols include determining which keys already exist and can be used, how new keys will be generated, and how many users the protocol is applicable to.[2]
AKE protocols make use of long term keys which exist prior to the protocol, and session keys, which are typically symmetric keys established during the execution of the protocol.[2] AKE protocols can be divided into four categories, based on the different types of long term keys used :[2]
Pre-Shared keys
Public-private key pairs
Identity-based keys
Passwords
The use of Transport Layer Security (TLS) to secure HTTP connections is perhaps the most widely deployed AKE protocol.[3]
^Diffie, W.; van Oorschot, P.; Wiener, M. (June 1992). "Authentication and authenticated key exchanges". Designs, Codes and Cryptography. 2 (2): 107–125. CiteSeerX 10.1.1.59.6682. doi:10.1007/BF00124891. S2CID 7356608.
^ abcdBoyd, C., Mathuria, A., & Stebila, D. (2020). Protocols for authentication and Key Establishment. Springer Berlin Heidelberg.
^Eric Rescorla (August 2018). "The Transport Layer Security (TLS) Protocol Version 1.3". Mozilla. The Internet Engineering Task Force. Archived from the original on 14 May 2021.
and 21 Related for: Authenticated Key Exchange information
AuthenticatedKeyExchange (AKE), AuthenticatedKey Agreement (AKA) or Authentication and Key Establishment(AKE) is the exchange or creation of a session...
the keys at the time of authentication. The simplest solution for this kind of problem is for the two concerned users to communicate and exchangekeys. However...
Password-AuthenticatedKeyExchange or PAKE. In basic authentication, the server learns the user's password during the course of the authentication. If the...
The Password AuthenticatedKeyExchange by Juggling (or J-PAKE) is a password-authenticatedkey agreement protocol, proposed by Feng Hao and Peter Ryan...
Keyexchange (also key establishment) is a method in cryptography by which cryptographic keys are exchanged between two parties, allowing use of a cryptographic...
Encrypted KeyExchange (also known as EKE) is a family of password-authenticatedkey agreement methods described by Steven M. Bellovin and Michael Merritt...
establish a secure authenticated communication channel by using the Diffie–Hellman keyexchange algorithm to generate a shared secret key to encrypt further...
cryptography, Simultaneous Authentication of Equals (SAE) is a password-based authentication and password-authenticatedkey agreement method. SAE is a...
of authenticated encryption modes. In 2015, ChaCha20-Poly1305 is added as an alternative AE construction to GCM in IETF protocols. Authenticated encryption...
framework for authentication and keyexchange and is designed to be keyexchange independent; protocols such as Internet KeyExchange (IKE) and Kerberized...
Exponential KeyExchange) is a cryptographic method for password-authenticatedkey agreement. The protocol consists of little more than a Diffie–Hellman key exchange...
Pake may refer to: Password-authenticatedkeyexchange (PAKE) Pākē, Hawaiian language term for Chinese in Hawaii Pake, California Páké, alternative name...
expanded as either keyed-hash message authentication code or hash-based message authentication code) is a specific type of message authentication code (MAC) involving...
Oorschot, Paul C.; Wiener, Michael J. (June 1992). "Authentication and AuthenticatedKeyExchanges" (PDF). Designs, Codes and Cryptography. 2 (2): 107–125...
Internet KeyExchange v. 2 (EAP-IKEv2) is an EAP method based on the Internet KeyExchange protocol version 2 (IKEv2). It provides mutual authentication and...
Secure Remote Password protocol (SRP) is an augmented password-authenticatedkeyexchange (PAKE) protocol, specifically designed to work around existing...
Association and Key Management Protocol (ISAKMP) provides a framework for authentication and keyexchange, with actual authenticatedkeying material provided...
(MIKEY-IBAKE): Identity-Based AuthenticatedKeyExchange (IBAKE) Mode of Key Distribution in Multimedia Internet KEYing (MIKEY). MIKEY-IBAKE is defined...
keyed hash, message authentication code, or protected checksum. Informally, a message authentication code system consists of three algorithms: A key generation...
peers. SSB peers exchange asymmetric keys and establish authenticated connections between each other using an AuthenticatedKeyExchange protocol, Secret...
(Menezes–Qu–Vanstone) is an authenticated protocol for key agreement based on the Diffie–Hellman scheme. Like other authenticated Diffie–Hellman schemes,...