Symmetric-Key Infrastructure (SKI) is a symmetric-key authentication protocol which aims to provide an authentication infrastructure not unlike PKI (Public Key Infrastructure). SKI is any cryptographic algorithm that is based on a shared key that is used to encrypt or decrypt text/ciphertext, in contrast to asymmetric key cryptography, where the encryption and decryption keys are different. Symmetric encryption is generally more efficient than asymmetric encryption and is therefore preferred when large amounts of data need to be exchanged.

Since SKI is based purely on symmetric-key algorithms, it does not have the computational requirements associated with PKI. This makes SKI especially appropriate for resource-constrained devices such as those used in mobile ad-hoc networks (MANET). SKI's Authentication Server does not have to be online, unlike other symmetric-key authentication protocols such as Kerberos. This makes SKI intrinsically resistant to Denial of Service attacks. Other features of SKI include support for a key update mechanism and key revocation. SKI seems especially well suited for applications such as MANET and peer-to-peer networks.

Examples of symmetric-key cryptography include AES, DES, and 3DES. Key exchange protocols used to establish a shared encryption key include Diffie-Hellman (DH), elliptic curve (EC) and RSA.
