Diffie-Hellman Key Exchange
The first step in public-key cryptography
Alice and Bob want exchange an encryption key over an insecure communication link where Eve is
listening in. To do this they need to use a prime number. The Diffie-Hellman algorithm uses a simple
concept in mathematics where a prime number can be used to generate a list of numbers in a seemingly
random sequence. This seemingly random sequence is what make the algorithm secure.
Alice and Bob agree on a prime number P.
Alice and Bob agree on a primitive root of their prime number. A primitive root is simply a number
that has a special relationship with a prime number causing it to generate a random sequence. Primitive
roots are hard to find, so we must manually check if the number we choose generates a list of random
numbers. If it does, then it is a primitive root.
Let us test if the number 3 is a primitive root of 5. We do this by getting the exponentiation/powers of
our prime for every positive whole number less than our prime number (basically between 0 and 5
excluding 0 and 5).
Then we set our upper limit of our output to the value of our prime, by getting the remainder after
3 mod 5 = 3
9 mod 5 = 4
27 mod 5 = 2
81 mod 5 = 1
Notice that the numbers 3, 4, 2 and 1 are all unique (this is called a full period). Also notice that the
order of the numbers is not sequential. This is the random property we were taking about earlier. So
now that we have found our primitive root we will note its value.
Alice chooses a positive whole number as her secret key.
Alice computes her public key and sends it to Bob.
A = g^a mod P
4 = 3^6 mod 5
Note: This formula is the same one we used earlier to find our primitive root and we are using the same
values for g and P. This means that whatever number Alice chose for her private key, the output will be
one of the random numbers from our list. This randomness is very important.
Bob chooses a positive whole number as his secret key.
Bob computer his public key and sends it to Alice.
B = g^b mod P
2 = 3^7 mod 5
Alice and Bob now compute a shared secret key
[Shared Key] = [other persons public key]^[their own secret key] mod P
S = 4^7 mod 5
S = 2^6 mod 5
“P”, “g”, “A” and “B” were transmitted. Can “a” and “b” be calculated? Hint: discrete logarithm.