中文网站
  Advanced Search
Read the latest Blogs from IT professionals in the field. Read and write community created documents. Need IT help? Ask our staff. Connect with your peers. Check our Tech Shop for posters, books and software tools. Home
HomeInformation, Computer and Network SecurityBasic Security Technologies

Secret-Key or Symmetric-Key Cryptography

Secret-key cryptography is a networking security technology to ensure information only open by the limited parties who have the key to decrypt the content. In the secret-key cryptography scheme, only one key is required to encrypt and decrypt messages. It is also called symmetric key cryptography, verses asymmetric key cryptography in which a pair of public/private keys is needed: one to encrypt and the other to decrypt a message.

The secrete key often appears in the form of codes, ciphers and others. The popular technology for the Secret Key encryption is the DES (Data Encryption Standard). Now more advanced encryption algorithm used is the Triple DES which is securer for high sensitivity information. The core technology of Secret-key cryptography is the key management including key establishment, key storage, key distribution, key cancellation and etc. The financial industry has taken a lead at the process standardization of keys protection and exchange. It is detailed at the ANSI X9.17 Financial Institution Key Management (Wholesale) Standard. Currently, the popular key management technology are the SKIPSimple Key management for IPand ISAKMP/Oakley.

Secret-key cryptography could be applied to protect private information during storage and exchange. If you want to keep your information at the hard disk privately, you could apply the key to keep it from disclosure to others; if you want to transfer it to another party, Secret-key cryptography could ensure it will not be read even though it is captured by the 3rd party; but the receiving party could decrypt it successfully with the previous told or co-agreed key.

Since every communication incident requires a key, which potentially will make the key management in a large system difficult, and additionally it is hard to securely pass the key over the network, the Public Key Cryptography is often adopted for large systems as the information security mechanism vs. the Secret-Key Cryptography for small systems.

Related Terms:Key management, DES, Triple DES, Public Key Cryptography, Encryption, Decryption

Reference Links: http://csrc.nist.gov/publications/nistpubs/800-7/node49.html: Key Management

‹ PKI: Public-Key InfrastructureupSieve: An Email Filtering Language ›