Authenticated Key Exchange Explained

See also: Key-agreement protocol and Password-authenticated key agreement.

Authenticated Key Exchange (AKE), Authenticated Key Agreement (AKA) or Authentication and Key Establishment (AKE) is the exchange or creation of a session key in a key exchange protocol which also authenticates the identities of parties involved in key exchange.[1] AKE typically occurs at the beginning of a communication session.[2] Features of AKE protocols include determination of which keys already exist and can be used, how new keys will be generated, and how many users the protocol is applicable to.

AKE protocols make use of long term keys that exist prior to the protocol, and session keys, which are typically symmetric keys established during the execution of the protocol. AKE protocols can be divided into four categories, based on the different types of long term keys used:

  1. Pre-shared keys
  2. Public–private key pairs
  3. Identity-based keys
  4. Passwords

The use of Transport Layer Security (TLS) to secure HTTP connections is perhaps the most widely deployed AKE protocol.[3]

Notes and References

  1. Diffie . W. . van Oorschot . P. . M. . Wiener . Authentication and authenticated key exchanges . Designs, Codes and Cryptography . 10.1007/BF00124891 . June 1992. 2 . 2 . 107–125 . 7356608 . 10.1.1.59.6682 .
  2. Boyd, C., Mathuria, A., & Stebila, D. (2020). Protocols for authentication and Key Establishment. Springer Berlin Heidelberg.
  3. The Transport Layer Security (TLS) Protocol Version 1.3 . https://archive.today/20210514184514/https://datatracker.ietf.org/doc/html/rfc8446 . 14 May 2021 . August 2018 . Eric Rescorla . The Internet Engineering Task Force . Mozilla.

This article is licensed under the GNU Free Documentation License. It uses material from the Wikipedia article "Authenticated Key Exchange".

Except where otherwise indicated, Everything.Explained.Today is © Copyright 2009-2025, A B Cryer, All Rights Reserved. Cookie policy.