Key Exchange & Encyption Technology

Question 1

Key Exchange

Answer 1

Key exchange → process of securely sharing encryption keys.

Question 2

Out-of-Band Key Exchange

Answer 2

Out-of-band key exchange → key exchange using a separate communication channel.

Question 3

In-Band Key Exchange

Answer 3

In-band key exchange → key exchange over the same channel as data.

Question 4

Session Keys

Answer 4

Session keys → temporary symmetric keys used for a single encrypted session. Like a web session

Question 5

Symmetric Key

Answer 5

Symmetric key → single shared private key used for encryption and decryption at the same time. Great for bulk data like AES

Question 6

Asymmetric Key

Answer 6

Asymmetric key → public and private key pair used in a key exchange for digital signatures. Great for identity or managing symmetric keys

Question 7

TPM

Answer 7

Trusted platform module (TPM) → hardware chip on the motherboard on a SINGLE DEVICE that stores encryption keys, passwords, biometric info, and other cryptographic operations.

Question 8

HSM

Answer 8

Hardware security module (HSM) → dedicated device that stores encryption keys, passwords, biometric info, and other cryptographic operations. Basically a big TPM for SEVERAL DEVICES. Enterprise grade security.

Question 9

Key Management System

Answer 9

Key management system → centralized platform for managing cryptographic keys.

TPM and HSM are examples of a key management system

Question 10

Secure Enclave

Answer 10

Secure enclave → isolated hardware environment in the CPU that stores encryption keys, passwords, biometric info, and other cryptographic operations.

Like TPM but only for secure data and apps, whereas TPM is for the whole platform