Rekeying

From Wikipedia, the free encyclopedia

In cryptography, rekeying refers to the process of changing the encryption key of an ongoing communication in order to limit the amount of data encrypted with the same key.

Roughly equivalent to the classical procedure of changing codes on a daily basis, the key is changed after a pre-set volume of data has been transmitted, a given period of time has passed or either.

In contemporary systems, rekeying is implemented by forcing a new key exchange, typically through a separate protocol like Internet key exchange (IKE). The procedure is handled transparently to the user.

A prominent application is Wi-Fi Protected Access (WPA), the extended security protocol for wireless networks that addresses the shortcomings of its predecessor, WEP, by frequently replacing session keys through the Temporal Key Integrity Protocol (TKIP), thus defeating some well-known key recovery attacks.

[edit] See also

• Diffie-Hellman key exchange
• IPsec: Internet key exchange (IKE)
• OTAR (Over-The-Air-Rekeying)

[edit] External links

• OpenSSH: KeyRegenerationInterval parameter, ~R command