adam's notes

Diffie-Hellman

Diffie-Hellman algorithm is a cryptographic protocol that allows two parties to establish a shared key over an insecure channel.

  • allows parties to exchange a symmetric key over an insecure medium, such as Internet
  • developed in 1976 by Whitfield Diffie and Martin Hellman
    • work heavily relied on concepts from Ralph Merkle
      • so technically called Diffie-Hellman-Merkle
    • was already developed by British Intelligence Service, but was classified and thus not disclosed
  • enabled secure communications for e-commerce and e-banking
  • can generate both:
    • static key
      • a long-term key intended to be used over an extended time-period
    • ephemeral key
      • a key used in only a single transaction
      • generated for each execution of a key-establishment process
      • two DH methods use ephemeral keys:
        • Diffie-Hellman Ephemeral (DHE) or Ephemeral Diffie-Hellman (EDH)
        • Elliptic Curve DHE
          • uses ephemeral keys generated by ECC
      • both provide for perfect forward secrecy

How It Works

  • each party must somehow prove their identity before they can jointly authorize each other to participate in the session
  • key exchange is not about exchanging secret information between parties
    • it is about creating a shared key to use for subsequent encrypted sharing of secrets
  • uses trapdoor functions
    • mathematical problems that are easy to do in one direction but very difficult to do in the reverse
  • uses a multiplicative group of integers, modulo , where the modulus is a large prime number, and , the generator value, is also another large prime
    • choosing these values appropriately allows for a resulting shared secret (aka session key) to be in the range between and
    • and are both publicly available
    • what happens next depends on the parties choosing other values,
      • which will be used as exponents in computing the shared secret

Example

Suppose Bob and Carol want to establish their own encrypted Internet connection with each other. Here’s what happens:

  1. Bob and Carol choose a suitable trapdoor function
  • choose the key parameters to use
  • what they agree on can be shared in open, unsecured email with each other
  1. Carol chooses her private key and keeps it secret
  • uses the trapdoor function to calculate her public key, which she sends to Bob
  • Bob also chooses a private key and uses the same trapdoor function to calculate his public key and sends that to Carol
  1. Carol applies the trapdoor function Bob’s public key, using her own private key
  • the result is called the session key
  • Carol keeps this secret
  1. Bob applies the same trapdoor function to Carol’s public key, using his own private key
  • This produces the same session key
  1. Carol and Bob now share a new secret, the session key
  • key can be used with an appropriate and agreed to symmetric encryption algorithm so that Bob and Carol can exchange information with each other and keep other from being able to read it

Shown with small values below:

  • can be used with 3 or more parties as long as each share the choices about algorithms and parameters and compute their own public keys and share them
  • this is where PKI got its start

Vulnerability

  • vulnerable to man-in-the-middle attacks
    • where attacker is place between Bob and Carol and intercepts their messages
  • Mitigating MITM attacks:
    • Encrypt the DH exchange with a shared symmetric key
    • Encrypt the DH exchange with public keys
    • Sign the DH values with private keys

Graph View

Backlinks