Authenticated Key Exchange

See also: Key-agreement protocol and Password-authenticated key agreement

In cryptography, Authenticated Key Exchange (AKE), also known as Authenticated Key Agreement (AKA) or Authentication and Key Establishment, refers to a class of cryptographic protocols that simultaneously establish a shared session key between parties and verify their identities. This process is fundamental to secure communications, ensuring that the communicating parties are legitimate and that the established key is known only to them.^[1]

AKE protocols are typically executed at the beginning of a communication session to create a fresh, shared secret key—usually a symmetric key—while also ensuring that each party is communicating with the intended counterpart. They rely on pre-existing long-term keys, such as pre-shared secrets, public–private key pairs, identity-based keys, or passwords.^[2]

A widely deployed example of an AKE protocol is the Transport Layer Security (TLS) protocol, used to secure HTTPS connections on the web.^[3]