LOGBOOK

HELP

Quiz Entry - updated: 2026.07.14

Why is key management a major drawback of symmetric cryptography in a network of users?

Each pair of communicating parties needs its own shared key — so for n users the total number of keys grows as n(n-1)/2, quadratically.

Example sizes:

Users (n) Keys needed
4 6
10 45
100 4,950
1,000 499,500
10,000 49,995,000

And every key must be:

  • Generated securely (CSPRNG).
  • Exchanged over a secure channel (chicken-and-egg).
  • Stored securely on every endpoint.
  • Rotated periodically.
  • Revoked if a participant leaves or is compromised.

The bigger question this raises:

"Und wie wird der Schlüssel sicher ausgetauscht?" (And how is the key securely exchanged?)

That's literally the question asymmetric cryptography was invented to answer. Two solutions:

  1. Key Distribution Centre (KDC) — a trusted central server hands out session keys. Kerberos works this way. Still needs each user to pre-share a key with the KDC.
  2. Public-key / Diffie-Hellman key exchange — derive a shared secret over a public channel without prior contact. The breakthrough of 1976 that made modern HTTPS possible.

Tip: Pure symmetric setups work fine for small fixed groups (e.g. point-to-point VPN, satellite uplink). For the internet's billions of arbitrary peers, you need asymmetric crypto — and that's exactly what TLS does to bootstrap a session.

From Quiz: ISF / Symmetric Cryptography | Updated: Jul 14, 2026