Exchanging Session Keys
To send another user an encrypted message, it becomes necessary to send that
user the session key that was used to perform the encryption. There are two ways
this can be approached:
- The sending user can create a random session key, encrypt it using the
receiver's public key, and send the encrypted key (key blob) to the receiver. The
sender can then send messages encrypted with this session key to the receiver. This
approach is discussed in the following section.
- The sending and receiving users can mutually agree on a session key by
exchanging several messages back and forth. The users can then use this session key to
send encrypted messages back and forth. The Sample Three-Phase Exchange Protocol section describes a sample three-phase key exchange protocol that can be used
for this purpose. Designing one of these protocols (and getting it right!) is
fairly difficult and should only be attempted by an experienced cryptographer.
Note This section assumes that the users (or CryptoAPI clients) already possess
their own set of public/private key pairs and have also obtained each other's
public keys.
- Software for developers
-
Delphi Components
.Net Components
Software for Android Developers
- More information resources
-
MegaDetailed.Net
Unix Manual Pages
Delphi Examples
- Databases for Amazon shops developers
-
Amazon Categories Database
Browse Nodes Database
