Elementary Information Security, 3rd Edition

▶ 8.1 The Key Management Challenge

When we encrypt a file, we substitute the problem of protecting the file with the problem of protecting its key. If attackers can retrieve our secret keys, then our cryptographic measures give no protection. Keys face two attack vectors: attempts to guess a key and attempts to intercept a key. We face three key management problems:

Sharing keys with exactly the right people, no more or less
Choosing keys that attackers can’t guess
Handling keys so attackers can’t guess or intercept them

The third problem itself has several facets. First, there’s the key distribution problem: We need to share keys with others without risking security. Second, we need to store the keys safely so that attackers can’t retrieve ...

Get Elementary Information Security, 3rd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Elementary Information Security, 3rd Edition by Richard E. Smith

▶ 8.1 The Key Management Challenge

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly