In cryptography, a shared secret is a piece of data, known only to the parties involved, in a secure communication.
The shared secret can be a PIN code, a password, a passphrase, a big number, or an array of randomly chosen bytes.
The shared secret is either shared beforehand between the communicating parties, in which case it can also be called a pre-shared key, or it is created at the start of the communication session by using a key-agreement protocol, for instance using public-key cryptography such as Diffie–Hellman or using symmetric-key cryptography such as Kerberos.
The shared secret can be used for authentication (for instance when logging in to a remote system) using methods such as challenge–response or it can be fed to a key derivation function to produce one or more keys to use for encryption and/or MACing of messages.
To make unique session and message keys the shared secret is usually combined with an initialization vector (IV).