Cryptography
Cryptographic Key
Also known as: Crypto key, Encryption key
Definition
A high-entropy secret or public value that parameterizes a cryptographic algorithm to encrypt, decrypt, sign or authenticate data.
Examples
- A 256-bit AES key generated by a hardware RNG and stored in an HSM.
- An Ed25519 key pair used to sign Git commits and authenticate SSH connections.
Related terms
Private Key
The secret half of an asymmetric key pair, used to decrypt ciphertext addressed to its owner or to create digital signatures that prove the owner's identity.
Public Key
The freely distributable half of an asymmetric key pair, used to encrypt messages for its owner or to verify digital signatures produced by the matching private key.
Session Key
A short-lived symmetric key used to protect a single communication session and then discarded.
Master Key
A high-value long-term key from which other cryptographic keys are derived or which directly encrypts other keys.
Key Derivation Function (KDF)
A cryptographic function that derives one or more strong cryptographic keys from a secret input such as a password, shared secret or master key.
Key Rotation
The periodic replacement of cryptographic keys with new ones to limit the volume of data protected by any single key and contain the impact of compromise.