1. Symmetric encryption the keys should be changed frequently. They are shared between two peers, keys should be known only by the two members using them. So confidentiality is extremely important to key exchange.
In-band key exchange takes place in the existing and established communication channel. This is however not secured and subject to eavesdropping attacks.
Out-of-band key exchange takes place outside the communication channel or pathway, such as a secondary channel through special secured exchange technique in the channel or complete separate pathway technology. In general it is considered more secured because the key exchange are not intercepted and used to read an encrypted message
In symmetric encryption both the sender and the receiver need to have the same key, this key is used by the sender to encrypt the data, and again by the recipient to decrypt the data. Key exchange is always a problem.
In In band exchange makes use of the same communication medium to exchange the symmetric key and the encrypted data. This type of exchange subject to eaves dropping or man in the middle attacks.
In Out-of-band key exchange, the key exchange will rely on having been shared in advance. That is, the key is delivered outside the network process from which it is being used.
2. Public Key Infrastructure (PKI) is a method of
…show more content…
The encryption key (public key) does not have to be secret and anyone can use it to encrypt data. However, the corresponding decrypted key (private key) is known to a single entity that can decrypt data encrypted with the encryption key. When we need to send an encrypted message to someone else, we first obtain the person’s public encryption key and transform the message with it. Only the recipient knows the corresponding private key. The recipient can decrypt the message. This is how the privacy is provided using