Rekeying
Rekeying normally refers to the ability to change a lock so that a different key may operate it. Rekeying is done when a lock owner is concerned that unauthorized persons have keys to the lock; a locksmith can then alter the lock so that only new keys will work. Rekeying is a relatively simple process of changing the tumbler or wafer configuration of the lock so that a new key will function while the old one will not. Rekeying may be done without replacing the entire lock.
Rekeying was first invented in 1836 by Solomon Andrews, a New Jersey locksmith. His lock had adjustable tumblers and keys, allowing the owner to rekey it at any time. Later, in the 1850s, inventors Andrews and Newell patented removable tumblers which could be taken apart and scrambled. The keys had bits that were interchangeable, matching varying tumbler configurations. This arrangement later became the basis for combination locks.
In Cryptography
In cryptography, rekeying refers to the process of changing the encryption key of an ongoing communication in order to limit the amount of data encrypted with the same key. Roughly equivalent to the classical procedure of changing codes on a daily basis, the key is changed after a pre-set volume of data has been transmitted or a given period of time has passed.
In contemporary systems, rekeying is implemented by forcing a new key exchange, typically through a separate protocol like Internet key exchange (IKE). The procedure is handled transparently to the user.
A prominent application is Wi-Fi Protected Access (WPA), the extended security protocol for wireless networks that addresses the shortcomings of its predecessor, WEP, by frequently replacing session keys through the Temporal Key Integrity Protocol (TKIP), thus defeating some well-known key recovery attacks.
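The volume and time triggers described above can be sketched as follows. This is an added example, not taken from the original article or from any particular protocol: `RekeyingSession`, its limits and the `key_exchange` callback are hypothetical names, and `os.urandom` stands in for a real key exchange such as IKE.

```python
import os
import time


class RekeyingSession:
    """Tracks how much data and time the current key has covered and
    forces a new key exchange when either pre-set limit is reached."""

    def __init__(self, key_exchange, max_bytes, max_seconds, clock=time.monotonic):
        self._key_exchange = key_exchange  # hypothetical callback returning a fresh key
        self.max_bytes = max_bytes
        self.max_seconds = max_seconds
        self._clock = clock
        self.epoch = -1
        self.log = []                      # (epoch, reason) for every key installed
        self._install("initial")

    def _install(self, reason):
        self.key = self._key_exchange()
        self.epoch += 1
        self.bytes_used = 0                # both counters restart with each new key
        self.key_born = self._clock()
        self.log.append((self.epoch, reason))

    def key_for(self, message_len):
        """Return (epoch, key) for a message of message_len bytes, rekeying
        first if the key is too old or the message would cross the volume limit.
        A single message larger than max_bytes still goes out under a fresh key."""
        if self._clock() - self.key_born >= self.max_seconds:
            self._install("time")
        elif self.bytes_used + message_len > self.max_bytes:
            self._install("volume")
        self.bytes_used += message_len
        return self.epoch, self.key


def demo():
    now = [0.0]                            # constructed clock so the run is deterministic
    session = RekeyingSession(lambda: os.urandom(32), max_bytes=1000,
                              max_seconds=60, clock=lambda: now[0])
    epochs = []
    # Constructed traffic: (message size in bytes, seconds elapsed before sending)
    for size, advance in [(400, 0), (400, 0), (400, 0), (100, 61), (100, 0)]:
        now[0] += advance
        epochs.append(session.key_for(size)[0])
    return epochs, session.log


if __name__ == "__main__":
    print(demo())
```

The receiver needs the epoch number alongside each message so that it knows which key to use while a rekey is in flight.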
See also
- Diffie-Hellman key exchange
- IPsec: Internet key exchange (IKE)
- OTAR (Over-The-Air-Rekeying)
External links
- OpenSSH: KeyRegenerationInterval parameter, ~R command