Key authentication

This article needs additional citations for verification. Please help improve this article by adding citations to reliable sources. Unsourced material may be challenged and removed. Find sources: "Key authentication" – news · newspapers · books · scholar · JSTOR (November 2023) (Learn how and when to remove this template message)

Key/Config-authentication is used to solve the problem of authenticating the keys of a person (say "person A") that some other person ("person B") is talking to or trying to talk to. In other words, it is the process of assuring that the key of "person A", held by "person B", does in fact belong to "person A" and vice versa.

This is usually done after the keys have been shared among the two sides over some secure channel. However, some algorithms share the keys at the time of authentication.

The simplest solution for this kind of problem is for the two concerned users to communicate and exchange keys. However, for systems in which there are a large number of users or in which the users do not personally know each other (e.g., Internet shopping), this is not practical. There are various algorithms for both symmetric keys and asymmetric public key cryptography to solve this problem.