Key (cryptology)

from Wikipedia, the free encyclopedia
The key is the central component in decoding a ciphertext and thus obtaining the plaintext

In cryptology, a key is information that parameterizes a cryptographic algorithm and thus controls it.

In the simplest case, with most of the symmetrical methods of classic cryptography such as the Vigenère cipher or the Playfair method, this is a password that is used to encrypt a plain text and thus to obtain a ciphertext . Conversely, this password is required again as a key in order to recover the plain text from the ciphertext by decryption . In the case of modern, computer-based symmetrical and asymmetrical methods , however, the key is a bit sequence .

In many cases, especially with machine keys, a distinction is made between two partial keys. First, the day key (sometimes also called the “inner key”), which remains valid for a certain period of time, often for one day. And secondly, the saying key (also known as the “outer key”), which changes for each individual message. Both together form the cryptographically effective key.


In 1883 Auguste Kerckhoffs formulated his maxim, namely that the security of a cryptographic process should not depend on the secrecy of the algorithm, but only on the secrecy of the key used ( Kerckhoffs' principle ). With a symmetrical procedure (others were not yet known at the time), the key contains the information that must remain secret, while the algorithm, i.e. the encryption procedure itself, may be publicly known. In asymmetrical encryption methods , also known as “public key cryptography” , the private key takes on the role of secret , while the associated public key is generally known.

Key for symmetrical procedures

With symmetrical procedures, i.e. with all classic methods of cryptography and also with modern algorithms such as the Data Encryption Standard (DES) or its successor, the Advanced Encryption Standard (AES), both communication partners use the same (secret) key for both encryption and encryption also for decryption. While traditional methods, in which the text has to be encrypted ( i.e. encrypted and / or decrypted) by hand , almost always use a password as the key, in modern, computer-based, symmetrical methods, the key usually consists of a bit sequence.

The security of a procedure depends not only on the algorithm itself, but also on the key length. If an attack is found against a process that is more efficient than the brute force method , ie trying out all possible keys, the process is considered broken . With a secure procedure, the key length therefore directly indicates the level of security.

Key for asymmetric procedures

Asymmetric algorithms such as the RSA cryptosystem , use Tags that of a public key ( English public key ) and a private key (Engl. Private key , German also "secret key") are made.

The public key is not secret; it should be known to as many other users as possible, for example through distribution via key servers . Public operations can be carried out with it, i.e. messages can be encrypted or digital signatures checked. It is important that a public key can be clearly assigned to a user. If this is not the case, for example if a message is encrypted with the public key of another user, the latter can read the message even though it was not intended for him. In order to be able to name keys easily, one uses a fingerprint, a short hash value that uniquely identifies a key.

To decrypt a ciphertext or to sign a message, the private key is required. In contrast to symmetrical procedures, in which several users share a secret key, in asymmetrical procedures only one user has the private (secret) key. This fact makes it possible to uniquely assign a signature to a user. It is therefore fundamental that the private key cannot be derived from the public one.