Key generator


A key generator in cryptography is a protocol or algorithm used to generate a sequence with pseudo-random characteristics for use as an encryption key. The generated sequence is used as an encryption key at one end of communication and as a decryption key at the other.
Key generators can be implemented in systems designed to generate, distribute, and authenticate keys for public key cryptography, where without the private key, one cannot access information encrypted with the public key.

Requirements

For a key generator to be cryptographically secure, its output must have several properties:Uncorrelated sequences – no sequence of any given length should be correlated to any other sequence of the algorithm's outputLong period – the sequence should not repeat for a very long timeUniform distribution – the output bits should be uniformly distributedUnpredictability – it should be computationally infeasible to predict future output given past output
Key generators typically rely on sources of entropy to seed their algorithms, which may be hardware-based or software-based.

Types

Symmetric key generators

Symmetric key generators produce a single shared key used for both encryption and decryption. These generators often use pseudorandom number generators seeded with entropy from various sources. Modern standards such as NIST SP 800-90 specify approved random bit generators for this purpose.

Keystream generators

In stream ciphers, a keystream generator produces a continuous stream of pseudorandom bits that are combined with the plaintext using the XOR operation. The keystream generator takes a relatively short key and an initialization vector and expands them into a much longer keystream.

Examples

Common key generator implementations include: