Diffie-Hellman key exchange is a method to securely establish a shared secret between two parties (Alice and Bob) over a public channel.
1. Alice and Bob agree on the publicly shared domain parameters 𝛼 (generator) and p (modulus). For example, 𝛼 = 3, p = 17.
2. Alice generates a random number. This is Alice's private key.
priv key(Alice) ∈ {2, ..., p-2}, example: priv key = 15. Note: ∈ means "element of".
3. Bob also generates a random number. This is Bob's private key.
priv key(bob) ∈ {2, ..., p-2}, example: priv key = 15
4. Alice calculates her public key.
pub key (alice) = 𝛼^(priv key alice) (mod p) = 3^15 (mod 17)
5. Bob also calculates his public key.
pub key (bob) = 𝛼^(priv key Bob) (mod p) = 3^13 (mod 17)
6. Alice sends her public key to Bob over the public channel.
7. Bob sends his public key to Alice over the public channel.
8. Alice takes Bob's public key and calculates the secret key.
secret key = pub key (bob) (mod p) = pub key (bob)^13 (mod 17)
9. Bob takes Alice's public key and calculates the secret key (same as Alice):
secret key = pub key (alice) (mod p) = pub key (alice)^13 (mod 17)
10. Alice and Bob can use the secret key (also known as the session key) in a symmetric key algorithm, for example AES, to encrypt and decrypt their messages.
Proof that Alice's and Bob's secret keys are the same:
Can Eve calculate the secret key?
Eve has intercepted Alice's and Bob's public keys, and she knows 𝛂 and p:
public key (alice) = 𝛂 (mod p)
She needs to calculate the discrete logarithm, which is very hard to do (p ≥ 1024 bits):
priv key (alice) = log_𝛂 pub key(alice) (mod p)
in another form:
pub key(alice) = 𝛂 (mod p)
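The exchange in steps 1 to 10 and Eve's discrete-logarithm problem, as an added Python example that is not part of the original post. It uses the toy parameters 𝛼 = 3, p = 17 and the exponents 15 and 13 from the formulas in steps 4 and 5; the function names and the public-key range check are assumptions added here.

```python
import secrets

def generate_private_key(p):
    """Random private key in {2, ..., p-2}, the range given in steps 2 and 3."""
    return 2 + secrets.randbelow(p - 3)

def public_key(alpha, priv, p):
    """Steps 4 and 5: alpha^priv mod p."""
    return pow(alpha, priv, p)

def shared_secret(peer_pub, priv, p):
    """Steps 8 and 9: peer_pub^priv mod p."""
    # Added check, not from the page: reject values outside 2..p-2,
    # since 0, 1 and p-1 would force a predictable secret.
    if not 2 <= peer_pub <= p - 2:
        raise ValueError("peer public key out of range")
    return pow(peer_pub, priv, p)

def brute_force_dlog(alpha, target, p):
    """Eve's problem: find x with alpha^x = target (mod p) by trying every x.
    The search takes about p steps, which is why p has to be very large."""
    value = 1
    for x in range(1, p):
        value = (value * alpha) % p
        if value == target:
            return x
    return None

def demo():
    alpha, p = 3, 17            # toy domain parameters from step 1
    a_priv, b_priv = 15, 13     # exponents used in the formulas of steps 4 and 5
    a_pub = public_key(alpha, a_priv, p)
    b_pub = public_key(alpha, b_priv, p)
    k_alice = shared_secret(b_pub, a_priv, p)
    k_bob = shared_secret(a_pub, b_priv, p)
    # Eve sees only alpha, p, a_pub and b_pub; at p = 17 the search is instant.
    eve_priv = brute_force_dlog(alpha, a_pub, p)
    k_eve = pow(b_pub, eve_priv, p)
    return a_pub, b_pub, k_alice, k_bob, eve_priv, k_eve

if __name__ == "__main__":
    print(demo())
```

With a 17-element group Eve recovers Alice's exponent in at most 16 multiplications; the same loop over a modulus of 1024 bits or more does not finish in any practical time.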