利用者:T4NeGMp7P4en/事前共有鍵

ここはT4NeGMp7P4enさんの利用者サンドボックスです。編集を試したり下書きを置いておいたりするための場所であり、百科事典の記事ではありません。ただし、公開の場ですので、許諾されていない文章の転載はご遠慮ください。

登録利用者は自分用の利用者サンドボックスを作成できます（サンドボックスを作成する、解説）。

この利用者の下書き：1、2、事前共有鍵、S/KEY、キーストレッチング、チャレンジレスポンス認証

en:Pre-shared keyより翻訳のため転記

In cryptography, a pre-shared key (PSK) is a shared secret which was previously shared between the two parties using some secure channel before it needs to be used.^[1]

Key

To build a key from shared secret, the key derivation function is typically used. Such systems almost always use symmetric key cryptographic algorithms. The term PSK is used in Wi-Fi encryption such as Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA), where the method is called WPA-PSK or WPA2-PSK, and also in the Extensible Authentication Protocol (EAP), where it is known as EAP-PSK. In all these cases, both the wireless access points (AP) and all clients share the same key.^[2]

The characteristics of this secret or key are determined by the system which uses it; some system designs require that such keys be in a particular format. It can be a password, a passphrase, or a hexadecimal string. The secret is used by all systems involved in the cryptographic processes used to secure the traffic between the systems.

Crypto systems rely on one or more keys for confidentiality. One particular attack is always possible against keys, the brute force key space search attack. A sufficiently long, randomly chosen, key can resist any practical brute force attack, though not in principle if an attacker has sufficient computational power (see password strength and password cracking for more discussion). Unavoidably, however, pre-shared keys are held by both parties to the communication, and so can be compromised at one end, without the knowledge of anyone at the other. There are several tools available to help one choose strong passwords, though doing so over any network connection is inherently unsafe as one cannot in general know who, if anyone, may be eavesdropping on the interaction. Choosing keys used by cryptographic algorithms is somewhat different in that any pattern whatsoever should be avoided, as any such pattern may provide an attacker with a lower effort attack than brute force search. This implies random key choice to force attackers to spend as much effort as possible; this is very difficult in principle and in practice as well. As a general rule, any software except a cryptographically secure pseudorandom number generator (CSPRNG) should be avoided.

References

^ Martin, Victoria. “pre-shared key”. Fortinet Cookbook 2019年3月21日閲覧。
^ “What is a pre-shared key or shared secret?”. Indiana University (2018年1月18日). 2019年3月21日閲覧。^{[リンク切れ]}

[1] Martin, Victoria. “pre-shared key”. Fortinet Cookbook 2019年3月21日閲覧。

[2] “What is a pre-shared key or shared secret?”. Indiana University (2018年1月18日). 2019年3月21日閲覧。^{[リンク切れ]}

[1]

[2]

Key

See also

References