In symmetric cryptography, how does one transport the secret key from the sender to the recipient securely and in a tamperproof fashion?

John Mitchell

Key management is the hard part of good crypto. solutions. In a purely symmetric solution, you are totally responsible for transporting the key via some other (type of) channel to distribute the key privately and securely. I.e., a face to face meeting.

Typically, what people do is use an asymmetric, public-key based system to privately and securely transfer (and sign, etc.) private keys and then use the private keys for the securing actual conversations. This, of course, devolves to the problem of distributing the sender's and recipient's public keys but that's easy since you can give those to everybody through various channels and verify the public key via a number of different channels (like exchanging the "fingerprints" of the key over the telephone).