In cryptography, a shared secret is a piece of data, known only to the parties involved, in a secure communication. This usually refers to the key of a symmetric cryptosystem. The shared secret can be a PIN code, a password, a passphrase, a big number, or an array of randomly chosen bytes.
The shared secret is either shared beforehand between the communicating parties, in which case it can also be called a pre-shared key, or it is created at the start of the communication session by using a key-agreement protocol, for instance using public-key cryptography such as Diffie–Hellman or using symmetric-key cryptography such as Kerberos.
The shared secret can be used for authentication (for instance when logging in to a remote system) using methods such as challenge–response or it can be fed to a key derivation function to produce one or more keys to use for encryption and/or MACing of messages.
To make unique session and message keys the shared secret is usually combined with an initialization vector (IV). An example of this is the derived unique key per transaction method.
It is also often used as an authentication measure in web APIs.
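The two uses described above, as an added example that is not part of the original article: a challenge–response check that proves knowledge of the shared secret without transmitting it, and a key derivation function (HKDF, RFC 5869) that turns the secret plus a per-session value into separate encryption and MAC keys. The choice of HKDF with HMAC-SHA256, the use of a random session nonce in the role of the IV, and the `info` labels are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

HASH = hashlib.sha256
ZERO_SALT = bytes(HASH().digest_size)   # RFC 5869 default salt when none is given

def hkdf(secret: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF (RFC 5869): extract a pseudorandom key, then expand it."""
    prk = hmac.new(salt, secret, HASH).digest()            # extract
    okm, block, counter = b"", b"", 1
    while len(okm) < length:                               # expand
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        okm += block
        counter += 1
    return okm[:length]

def session_keys(shared_secret: bytes, session_nonce: bytes) -> tuple:
    """Derive independent encryption and MAC keys, unique to this session."""
    enc_key = hkdf(shared_secret, session_nonce, b"example enc key")  # hypothetical label
    mac_key = hkdf(shared_secret, session_nonce, b"example mac key")  # hypothetical label
    return enc_key, mac_key

def respond(shared_secret: bytes, challenge: bytes) -> bytes:
    """Prover: answer the verifier's challenge with a MAC keyed by the secret."""
    auth_key = hkdf(shared_secret, ZERO_SALT, b"example auth key")    # hypothetical label
    return hmac.new(auth_key, challenge, HASH).digest()

def verify(shared_secret: bytes, challenge: bytes, response: bytes) -> bool:
    """Verifier: recompute the expected response and compare in constant time."""
    return hmac.compare_digest(respond(shared_secret, challenge), response)

def demo() -> dict:
    secret = secrets.token_bytes(32)       # constructed pre-shared key
    challenge = secrets.token_bytes(16)    # must be fresh for every login attempt
    answer = respond(secret, challenge)
    return {
        "ok": verify(secret, challenge, answer),
        "wrong": verify(secrets.token_bytes(32), challenge, answer),
        "s1": session_keys(secret, secrets.token_bytes(16)),
        "s2": session_keys(secret, secrets.token_bytes(16)),
    }

if __name__ == "__main__":
    result = demo()
    print("correct secret accepted:", result["ok"])
    print("wrong secret accepted:  ", result["wrong"])
    print("session keys differ:    ", result["s1"] != result["s2"])
```

A low-entropy secret such as a PIN or password remains guessable offline from a captured challenge and response; HKDF does not add the work factor that a password-hashing function provides.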