Security - public key exchange
When implementing authentication between two devices, it is often necessary to exchange keys or passwords over an unsecured link. In order to achieve this safely, we can use what are known as public key exchange methods.
These are methods used to securely exchange cryptographic keys over a public channel. One of the earliest and most noteworthy such methods is the Diffie-Hellman key exchange.
Historically, to establish a secure encrypted communication, both parties had to share keys through a protected physical method, like exchanging paper lists of keys delivered by a reliable messenger. The Diffie-Hellman key exchange technique enables two entities, unfamiliar with each other, to collaboratively create a shared secret key even over a non-secure channel. This shared key can then be employed to encrypt their subsequent communications using a symmetric-key encryption method.
Some additional useful notes are listed below:
- IOS key chain feature
- Public Key Certificate
- IPSec - Key Exchange Data
- Security keyrings
- Security - Diffie-Hellman groups
- ASA - crypto hardware processing