Key generator

A key generator (or keygen) in cryptography is a protocol or algorithm used to generate a sequence with pseudo-random characteristics for use as an encryption key.^[1]^[2]^[3] The generated sequence is used as an encryption key at one end of communication and as a decryption key at the other.

Key generators can be implemented in systems designed to generate, distribute, and authenticate^[4] keys for public key cryptography, where without the private key, one cannot access information encrypted with the public key.^[5]

Requirements

For a key generator to be cryptographically secure, its output must have several properties:^[6]

Uncorrelated sequences – no sequence of any given length should be correlated to any other sequence of the algorithm's output
Long period – the sequence should not repeat for a very long time
Uniform distribution – the output bits should be uniformly distributed
Unpredictability – it should be computationally infeasible to predict future output given past output

Key generators typically rely on sources of entropy to seed their algorithms, which may be hardware-based (such as electronic noise or timing variations) or software-based.^[6]

Types

Symmetric key generators

Symmetric key generators produce a single shared key used for both encryption and decryption. These generators often use pseudorandom number generators (PRNGs) seeded with entropy from various sources. Modern standards such as NIST SP 800-90 specify approved random bit generators for this purpose.^[7]

Keystream generators

In stream ciphers, a keystream generator produces a continuous stream of pseudorandom bits that are combined with the plaintext using the XOR operation.^[8] The keystream generator takes a relatively short key (typically 80–256 bits) and an initialization vector (IV) and expands them into a much longer keystream.^[9]

Examples

Common key generator implementations include:

Linear-feedback shift registers (LFSRs) – widely used in hardware implementations due to their simplicity, though typically combined with non-linear functions to improve security^[8]
A5/1 – the stream cipher used for GSM mobile phone encryption, based on three irregularly clocked LFSRs^[10]
Trivium – an eSTREAM finalist stream cipher using three interconnected shift registers^[11]
Grain – a lightweight stream cipher using both linear and non-linear feedback shift registers^[9]
Solitaire (or Pontifex) cipher – a manual keystream generator using a deck of playing cards

References

^ "Generating Keys for Encryption and Decryption". Microsoft Docs. Retrieved 2022-04-04.
^ "Symmetric Key Cryptography Using Random Key Generator". Retrieved 2022-04-04.
^ Abdalrdha, Zainab Khyioon; Al-Qinani, Iman Hussein; Abbas, Farah Neamah (2019). "Subject Review: Key Generation in Different Cryptography Algorithm". International Journal of Scientific Research in Science, Engineering and Technology: 230–240. doi:10.32628/IJSRSET196550. S2CID 207976370.
^ Bellare, Mihir; Rogaway, Phillip (August 1993). "Entity Authentication and Key Distribution". Advances in Cryptology — CRYPTO' 93. Lecture Notes in Computer Science. Vol. 773. pp. 232–249. CiteSeerX 10.1.1.62.3423. doi:10.1007/3-540-48329-2_21. ISBN 978-3-540-57766-9. S2CID 5447745.
^ Fox, Pamela. "Public key encryption". Khan Academy. Retrieved May 19, 2021.
^ ^a ^b "Choosing the Right Cryptographic Key Generation Algorithm". Cryptomathic. Retrieved 26 January 2026.
^ "Recommendation for Cryptographic Key Generation" (PDF). National Institute of Standards and Technology. Retrieved 26 January 2026.
^ ^a ^b Menezes, Alfred J.; van Oorschot, Paul C.; Vanstone, Scott A. (1996). "Stream Ciphers". Handbook of Applied Cryptography (PDF). CRC Press. ISBN 0-8493-8523-7.
^ ^a ^b "LIZARD – A Lightweight Stream Cipher for Power-constrained Devices". IACR Transactions on Symmetric Cryptology. 2017. doi:10.13154/tosc.v2017.i1.45-79.
^ "A Real-World Attack Breaking A5/1 within Hours" (PDF). IACR Cryptology ePrint Archive. 2008.
^ Simpson, L.; Boztas, S. (2012). "State cycles, initialization and the Trivium stream cipher". Cryptography and Communications. 4: 245–258. doi:10.1007/s12095-012-0066-6.

[urlGenerating_Keys_for_Encryption_and_Decryption_|_Microsoft_Docs-1] "Generating Keys for Encryption and Decryption". Microsoft Docs. Retrieved 2022-04-04.

[2] "Symmetric Key Cryptography Using Random Key Generator". Retrieved 2022-04-04.

[review-3] Abdalrdha, Zainab Khyioon; Al-Qinani, Iman Hussein; Abbas, Farah Neamah (2019). "Subject Review: Key Generation in Different Cryptography Algorithm". International Journal of Scientific Research in Science, Engineering and Technology: 230–240. doi:10.32628/IJSRSET196550. S2CID 207976370.

[4] Bellare, Mihir; Rogaway, Phillip (August 1993). "Entity Authentication and Key Distribution". Advances in Cryptology — CRYPTO' 93. Lecture Notes in Computer Science. Vol. 773. pp. 232–249. CiteSeerX 10.1.1.62.3423. doi:10.1007/3-540-48329-2_21. ISBN 978-3-540-57766-9. S2CID 5447745.

[5] Fox, Pamela. "Public key encryption". Khan Academy. Retrieved May 19, 2021.

[cryptomathic-6] "Choosing the Right Cryptographic Key Generation Algorithm". Cryptomathic. Retrieved 26 January 2026.

[nist-7] "Recommendation for Cryptographic Key Generation" (PDF). National Institute of Standards and Technology. Retrieved 26 January 2026.

[hac-8] Menezes, Alfred J.; van Oorschot, Paul C.; Vanstone, Scott A. (1996). "Stream Ciphers". Handbook of Applied Cryptography (PDF). CRC Press. ISBN 0-8493-8523-7.

[lizard-9] "LIZARD – A Lightweight Stream Cipher for Power-constrained Devices". IACR Transactions on Symmetric Cryptology. 2017. doi:10.13154/tosc.v2017.i1.45-79.

[a51-10] "A Real-World Attack Breaking A5/1 within Hours" (PDF). IACR Cryptology ePrint Archive. 2008.

[trivium-11] Simpson, L.; Boztas, S. (2012). "State cycles, initialization and the Trivium stream cipher". Cryptography and Communications. 4: 245–258. doi:10.1007/s12095-012-0066-6.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]