Security Encyclopedia

Secret Key

In symmetric cryptography, a secret key (or “private key”) is a piece of information or a framework that is used to encrypt and decrypt messages.

Each party to a conversation that is intended to be private possesses the same secret key. Using the key, one party transforms a message from its original form (plaintext) into its encrypted form (ciphertext) and sends it to the other party, who reverses the process to reveal the original. The process repeats for each message. Examples of a secret key are ROT13 as agreed upon by the parties or a cable television provider’s sending of Entitlement Management Messages (EMMs) alongside programming. In the latter, the viewer’s set-top box contains the secret key that the cable provider and viewer use to make the programming viewable.

A common challenge in symmetric or secret key encryption systems is agreeing upon the private key when the parties are unable to meet in person, since someone may eavesdrop on the key-sharing discussion. For that reason, asymmetric or public-key cryptography can be used to share a key. In asymmetric cryptography or encryption, the parties use a private key and a public key (hence public-key cryptography [PKC] being synonymous with the asymmetric variety).
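
The exchange described above, as an added example that is not part of the original entry: two parties agree on a secret key over a channel an eavesdropper can read, then encrypt and decrypt with that one key. It uses only the Python standard library; the toy Diffie-Hellman group, the HMAC-based cipher and all function names are assumptions made for illustration, and the key agreement shown is unauthenticated.

```python
import hashlib, hmac, secrets

# Toy Diffie-Hellman group, constructed for this example: the Mersenne prime
# 2**127 - 1 is far too small for real use (real groups are 2048+ bits).
P, G = 2**127 - 1, 3

def dh_keypair():
    """Return (private exponent, public value); only the public value is sent."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def derive_secret_key(my_priv, their_pub):
    """Both sides compute G**(a*b) mod P and hash it into a 32-byte secret key."""
    return hashlib.sha256(pow(their_pub, my_priv, P).to_bytes(16, "big")).digest()

def _subkey(key, label):
    # Separate keys for encryption and authentication, derived from the secret key.
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    # HMAC-SHA256 in counter mode as a keystream (illustrative, not a vetted cipher).
    stream = b""
    for counter in range((len(data) + 31) // 32):
        stream += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
    return bytes(d ^ s for d, s in zip(data, stream))

def encrypt(key, plaintext):
    nonce = secrets.token_bytes(12)  # fresh per message so keystreams never repeat
    ct = _xor_stream(_subkey(key, b"enc"), nonce, plaintext)
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def decrypt(key, blob):
    nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong secret key or modified ciphertext")
    return _xor_stream(_subkey(key, b"enc"), nonce, ct)

if __name__ == "__main__":
    a_priv, a_pub = dh_keypair()      # party A
    b_priv, b_pub = dh_keypair()      # party B
    key_a = derive_secret_key(a_priv, b_pub)
    key_b = derive_secret_key(b_priv, a_pub)
    blob = encrypt(key_a, b"meet at noon")   # constructed sample message
    print(key_a == key_b, decrypt(key_b, blob))
```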


“Secret key, or symmetric, cryptosystems provide fast and efficient security. Since they rely so heavily on the secrecy of the private keys by the parties, however, key exchange must be handled impeccably and that’s why PKI is called into service for the initial key distribution.”