The FREE Cybersecurity Glossary by Thor Pedersen!

Key Derivation Functions (KDFs): Cryptographic algorithms that generate secure, unique keys from an initial secret value, such as a master key or passphrase. KDFs help protect cryptographic operations by ensuring that if one derived key is compromised, others remain secure. They are often used to prevent key reuse and produce cryptographically strong keys in applications requiring multiple distinct keys for different purposes.

Key-Encryption-Key (KEK): A secret key used for encrypting and decrypting other keys. It is commonly used in key management systems to securely store and protect keys. Examples include a KEK used to encrypt keys for secure data transmission, a KEK used to encrypt keys for secure access to a cloud storage system, and a KEK used to encrypt keys for secure access to a financial database.

Key Escrow: A secure storage procedure where cryptographic keys are held in trust, meaning that they're kept by a third party. This arrangement allows for the recovery of encrypted data in cases where individuals lose their keys or in legally mandated situations. Though it provides a solution for lost keys and legal obligations, key escrow is often a contentious topic due to potential misuse or unauthorized access to these keys, which can compromise data security.

Key Escrow Agency: A Key Escrow Agency is a trusted entity responsible for safely storing and managing cryptographic keys on behalf of other parties. The agency ensures that stored keys can be retrieved under predefined conditions, such as legal requirements or key recovery scenarios while maintaining high-security standards to prevent unauthorized access.

Key Exchange: The process of transferring cryptographic keys between parties over a network, enabling secure communication. Key exchange is typically used in protocols like Diffie-Hellman and RSA to securely share keys that will later be used to encrypt and decrypt messages. The transfer is done in such a way that even if the communication is intercepted, the intruder cannot derive the original key. This process is a fundamental part of many secure network protocols, including SSL/TLS, which provides secure web browsing.

Key Goal Indicator (KGI): A metric used to measure progress towards a specific goal or objective in performance management systems. It helps track and evaluate the success of an organization's strategies and initiatives, such as customer satisfaction, employee engagement, or profitability.