cryptography Cryptography, or cryptology (from "hidden, secret"; and ''graphein'', "to write", or ''-logy, -logia'', "study", respectively), is the practice and study of techniques for secure communication in the presence of Adversary (cryptography), ...

, rekeying refers to the process of changing the

session key A session key is a single-use symmetric key used for encrypting all messages in one communication session. A closely related term is content encryption key (CEK), traffic encryption key (TEK), or multicast key which refers to any key used for ...

—the

encryption key A key in cryptography is a piece of information, usually a string of numbers or letters that are stored in a file, which, when processed through a cryptographic algorithm, can encode or decode cryptographic data. Based on the used method, the key ...

of an ''ongoing'' communication—in order to limit the amount of data encrypted with the same key. Roughly equivalent to the classical procedure of changing codes on a daily basis, the key is changed after a pre-set volume of data has been transmitted or a given period of time has passed. In contemporary systems, rekeying is implemented by forcing a new

key exchange Key exchange (also key establishment) is a method in cryptography by which cryptographic keys are exchanged between two parties, allowing use of a cryptographic algorithm. If the sender and receiver wish to exchange encrypted messages, each m ...

, typically through a separate protocol like

Internet key exchange In computing, Internet Key Exchange (IKE, versioned as IKEv1 and IKEv2) is the protocol used to set up a security association (SA) in the IPsec protocol suite. IKE builds upon the Oakley protocol and ISAKMP.The Internet Key Exchange (IKE), RFC 2 ...

(IKE). The procedure is handled transparently to the user. A prominent application is

Wi-Fi Protected Access Wi-Fi Protected Access (WPA) (Wireless Protected Access), Wi-Fi Protected Access 2 (WPA2), and Wi-Fi Protected Access 3 (WPA3) are the three security certification programs developed after 2000 by the Wi-Fi Alliance to secure wireless computer n ...

(WPA), the extended security protocol for

wireless networks A wireless network is a computer network that uses wireless data connections between network nodes. Wireless networking allows homes, telecommunications networks, and business installations to avoid the costly process of introducing cables in ...

that addresses the shortcomings of its predecessor, WEP, by frequently replacing session keys through the

Temporal Key Integrity Protocol Temporal Key Integrity Protocol (TKIP ) is a security protocol used in the IEEE 802.11 wireless networking standard. TKIP was designed by the IEEE 802.11i task group and the Wi-Fi Alliance as an interim solution to replace Wired Equivalent Privac ...

(TKIP), thus defeating some well-known key recovery attacks. In

public key infrastructure A public key infrastructure (PKI) is a set of roles, policies, hardware, software and procedures needed to create, manage, distribute, use, store and revoke digital certificates and manage public-key encryption. The purpose of a PKI is to fac ...

, rekeying (or "re-keying") leads to issuance of new certificate (in contrast to certificate renewal - issuance of new certificate for the same key, which is usually not allowed by CAs).

References

External links

*OpenSSH
KeyRegenerationInterval parameter~R command
Encryption devices {{crypto-stub

See also

References

External links