Questions tagged [shared-secret]

Shared key is a piece of data, known only to the parties involved, in a secure communication. The shared secret can be a password, a passphrase, a big number or an array of randomly chosen bytes.

In cryptography, a shared secret or shared key is a piece of data, known only to the parties involved, in a secure communication. The shared secret can be a password, a passphrase, a big number or an array of randomly chosen bytes.

The shared secret is either shared beforehand between the communicating parties, in which case it can also be called a pre-shared key, or it is created at the start of the communication session by using a key-agreement protocol, for instance using public-key cryptography such as Diffie-Hellman or using symmetric-key cryptography such as Kerberos.

The shared secret or shared key can be used for authentication (for instance when logging into a remote system) using methods such as challenge-response or it can be fed to a key derivation function to produce one or more keys to use for encryption and/or MACing of messages.

To make unique session and message keys the shared secret is usually combined with an initialization vector (IV). An example of this is the derived unique key per transaction method.

It is also often used as an authentication measure in APIs.

Source : wikipedia article

48 questions

vote

1 answer

Why does Shamir Secret Sharing use Lagrange polynomials?

I've read that Newton polynomials have better computational complexity, but Shamir's uses Lagrange polynomials instead. Does anyone know if there are particular reason why Newton polynomials aren't used instead? Thanks

algorithm cryptography shared-secret

asked Jun 22 '14 at 07:18

Kar

6,063
7
53
82

vote

1 answer

Best Practices for REST Shared Secret Value

I am using a REST API that uses oauth for authentication. When registering for the service I was given my API Consumer Key and my API Shared Secret. I've been simply hardcoding the Shared Secret into my Application code and compiling it. Is this…

rest oauth shared-secret

asked Nov 01 '09 at 20:45

MarkPowell

16,482
7
61
77

votes

0 answers

Should shared secret be hashed (SHA-256) in ECDH?

FIDO2 uses ECDH (elliptic curve diffie hellman) for key agreement. However, in its sequence diagram, I see they hash the shared secret using SHA-256. Is there any specific reason to use the hash instead of the shared secret itself? Here is the FIDO…

cryptography elliptic-curve fido ecdh shared-secret

asked Nov 20 '22 at 10:22

Mohammad Siavashi

1,192
2
17
48

votes

7 answers

Java: Base64 Encode a String using a key

Hi I have data and a key (both strings). The data needs to be encode using the key using Base64. Can some one give me a sample code.

java encoding base64 shared-secret

asked Jun 14 '11 at 17:49

Abhishek

1,749
9
27
39

votes

0 answers

Trying to convert Shamir's algorithm output in int to string

I'm trying to make this implementation of Shamir's algorithm accept strings instead of just numbers. I can turn strings into numbers easily with ShamirEncoder.int_from_string() but I don't know how to convert the bytes back to string because the…

python-3.x encryption shared-secret

asked Jun 17 '20 at 03:10

DarkCeptor44

votes

1 answer

SecKeyCopyKeyExchangeResult is not working in iOS 13.0

SecKeyCopyKeyExchangeResult call throwing the next error regardless what parameter supplied. It's working fine with iOS 13.0. kSecKeyKeyExchangeParameterRequestedSize is missing My code: // Parameter value set here let params =…

ios13 shared-secret

asked Sep 12 '19 at 00:31

Harendra

votes

2 answers

Efficient way to do payload signing in HTML5 SPA

I'm looking to implement some efficient (i.e. with good performance) logic that does payload signing in our web application. The goal is for the HTML5 client to have a guarantee that the contents of a received payload are indeed those that were…

javascript java single-page-application diffie-hellman shared-secret

asked Apr 01 '19 at 09:20

PentaKon

4,139
5
43
80

votes

1 answer

Error during generation of ECPublicKey/ECPrivateKey from uncompressed client ephemeral public key and Open SSL static server private key

Hoping to get some help here... I am trying to generate a shared secret from uncompressed client public key (0x04 |32 byte point X| 32 byte point Y) and server private key (openSSL generated base64) but getting an error while converting server EC…

java cryptography bouncycastle shared-secret

asked Feb 26 '18 at 20:58

vison

votes

0 answers

Non-clear-text way to specify password for different environment.

I have test dll which needs connection string to DB. I need a way to store/specify non clear text way to specify connection string for various environments. I have a way of doing this in clear text way using Slow Cheetah transformation but I need a…

secret-key shared-secret

asked Oct 13 '17 at 19:33

BeHappy

votes

0 answers

Making a GET request with a secret that the browser can read, but the server can't

Imagine 2 websites, both owned by me. On website-y.com, a user can click on a link: Get your secret This takes him to website-x.com, where the server generates a secret token, and redirects the…

html http get local-storage shared-secret

asked Sep 30 '16 at 12:24

Cjoerg

1,271
3
21
63

votes

1 answer

Thinktecture Identity Server 3: Client Secrets to protect WEB APIs from unauthorized access

I am using the JS application walk through code sample and trying to understand how can I ensure the system is secured. AFAIK, the secrets provided at the scopes on the identity server have to be validated after token is passed to Resource API…

api access-token identityserver3 thinktecture-ident-server shared-secret

asked Sep 29 '16 at 20:26

Hussein Salman

7,806
15
60
98

votes

1 answer

Java implementation of shamir's sharing secret

I have implemented a java code for shamir secret sharing algorithm for only one byte , The only thing i still am not able to do it how to use these implementation for a byte array? thanks for your help here my program public class Shamir_partage…

java encryption cryptography shared-secret

asked Mar 06 '16 at 22:52

user1893

votes

1 answer

How to loop in the file of array byte

public byte[][] createShares(byte[] secret, int shares, int threshold, Random rnd) { // some code here } I have this method and i am going to apply SSS for file of byte array . byte [] secret is method parameter where i am going to pass as…

java arrays shared-secret

asked Mar 03 '16 at 15:12

john smith

votes

1 answer

Working with split secret key

I need to import splits of a secret key into a HSM device. A Key Encryption Key (KEK) 3DES key has been split for transport and need to be recombined in the destination HSM. How can this be done ? Are the splits actually being recombined in the…

hsm shared-secret

asked Jan 21 '16 at 09:35

BrJ

votes

1 answer

Signing requests with API secret in an iOS application

I have a webservice, and an iOS client(application) for one of my projects. My webservice exposes several REST endpoints. I am looking for a way to make sure that webservice processes requests that come from iOS application only. I understand that…

ios web-services rest secret-key shared-secret

asked Jun 04 '15 at 01:16

user462455

12,838
18
65
96

Prev 1 2

4 Next