Like the Elliptic curve Diffie-Hellman (ECDH) protocol that Signal has used since its start, KEM is a key encapsulation mechanism. Also known as a key agreement mechanism, it provides the means for two parties who have never met to securely agree on one or more shared secrets in the presence of an adversary who is monitoring the parties’ connection. RSA, ECDH, and other encapsulation algorithms have long been used to negotiate symmetric keys (almost always AES keys) in protocols including TLS, SSH, and IKE. Unlike ECDH and RSA, however, the much newer KEM is quantum-safe.
3 Matching Annotations
- Last 7 days
-
arstechnica.com arstechnica.com
-
- Nov 2022
-
developer.okta.com developer.okta.com
-
This is an effective, dynamic stand-in for a fixed secret.
run-time dynamicness vs. hard-coded values hard-coded values = fixed secret
-
- Dec 2019
-
unixwiz.net unixwiz.net
-
One of the more clever aspects of the agent is how it can verify a user's identity (or more precisely, possession of a private key) without revealing that private key to anybody.
-