Key generator


A key generator in cryptography is a protocol or algorithm used to generate a sequence with pseudo-random characteristics for use as an encryption key. The generated sequence is used as an encryption key at one end of communication and as a decryption key at the other.
Key generators can be implemented in systems designed to generate, distribute, and authenticate keys for public key cryptography, where without the private key, one cannot access information encrypted with the public key.

Requirements

For a key generator to be cryptographically secure, its output must have several properties:
  • Uncorrelated sequences – no sequence of any given length should be correlated to any other sequence of the algorithm's output
  • Long period – the sequence should not repeat for a very long time
  • Uniform distribution – the output bits should be uniformly distributed
  • Unpredictability – it should be computationally infeasible to predict future output given past output
Key generators typically rely on sources of entropy to seed their algorithms, which may be hardware-based or software-based.

Types

Symmetric key generators

generators produce a single shared key used for both encryption and decryption. These generators often use pseudorandom number generators seeded with entropy from various sources. Modern standards such as NIST SP 800-90 specify approved random bit generators for this purpose.

Keystream generators

In stream ciphers, a keystream generator produces a continuous stream of pseudorandom bits that are combined with the plaintext using the XOR operation. The keystream generator takes a relatively short key and an initialization vector and expands them into a much longer keystream.

Examples

Common key generator implementations include: