How to securely exchange key over a public channel. This is not symmetric algorithm. it is an Asymmetric algorithm. It is also known as internet key exchange. It is fundamental to many protocols including SSH, IPsec, SMTPs

1. DIFFIE – HELLMAN
KEY EXCHANGE
ALGORITHM
Diffie–Hellman key exchange is a method of securely exchanging
cryptographic keys over a public channel and was one of the first public-
key protocols as originally conceptualized by Ralph Merkle and named after
Whitfield Diffie and Martin Hellman
2/4/2020Dr.RajniBhalla(LPU)
1

2. Diffie Hellman
• Not an encryption algorithm
• Used to share secret keys between 2 users .
• We will use assymmteric encryption (public and private key
concept) to exchange the secret key.
2/4/2020Dr.RajniBhalla(LPU)
2

3. Why this algo?
• When we are sending a key to a receiver, it can be attacked in
between
2/4/2020Dr.RajniBhalla(LPU)
3

4. Algorithm
1. Consider a prime number q.
2. Select Alpha(which is primitive root) such that it must be
primitive root of q and (alpha<q)
‘a’ is a primitive root of q
a1 mod q, a2mod q,…………………….aq-1 mod q gives result
(1,2,3…………………….q-1)
Values should not be repeated & we should have all values in the
o/p set from 1 to q—1.
2/4/2020Dr.RajniBhalla(LPU)
4

5. What is primitive root?
• A is primitive root of q if
• a mod q, a2 mod q, a3 mod q………………………………….a(q-1)
mod q
• Example q=7,we want to check whthr 3 is primitive root or
not.
• We will check value until q value id less than one.(7-1=6)
• If q=7, then we must get all values less than 7(like 1,2,3,4,5
and 6).
2/4/2020Dr.RajniBhalla(LPU)
5

6. We get all values less than 7,so we can 3 is
the primitive root of 7
31 MOD 7 = 3
32 MOD 7 = 2
33 MOD 7 = 6
34 MOD 7 = 4
35 MOD 7 = 5
36 MOD 7 = 1
2/4/2020Dr.RajniBhalla(LPU)
6

7. Check 5 whether is primitive root
or not q=7.
51 MOD 7 = 5
52 MOD 7 = 4
53 MOD 7 = 6
54 MOD 7 = 3
55 MOD 7 = 2
56 MOD 7 = 1
We can 5 is primitive root of q. Primitive root must always be less
than q.
2/4/2020Dr.RajniBhalla(LPU)
7

8. Consideraprimenumberq.
Letsq=7
Sowewillcheckfrom1to7
Checkfor1.
Values are repeated so we will cancel 1 or discard immediately.
11 MOD 7 = 1
12 MOD 7 = 1
2/4/2020Dr.RajniBhalla(LPU)
8

9. Check for 2
• Values repeated ,will discard this one too
21 MOD 7 = 2
22 MOD 7 = 4
23 MOD 7 = 1
24 MOD 7 = 2
2/4/2020Dr.RajniBhalla(LPU)
9

10. We will take Alpha =5
• Primitive root can be 2 or 3 or 4 or more.
• We have to select one that must be less than q.
• Suppose we select alpha = 5.
2/4/2020Dr.RajniBhalla(LPU)
10

11. Global Elements
• Alpha and q are global elements that are known to all
2/4/2020Dr.RajniBhalla(LPU)
11

12. 3rd step of algorithm
Note: x->private key of users(will choose by user)
y-> public key of users.
3. Assume Xa (private key of a) and Xa < q.
Once we know ,private key then public will be calculated i.e(Ya)
Calculate Ya = alphaxamod q A is a public key of A
Example
Key generation of person 1
Assume private key Xa=3 (3<7 ,yes condition satisfy)
Calculating public key Ya =alphaxamod q
We already assume apha=5
So, 5pow 3 mod 7 =125 mod 7 equals to Ya=6
2/4/2020Dr.RajniBhalla(LPU)
12

13. 4rth step of algorithm
Calculate private key of second person
• Assume Xb (private key of b) Xb < q
• Calculate Yb = alphaxbmod q (public key of b)
Key generation of person 2
Let private key Xb = 4
Caluclating public key Yb = alphaxbmod q
Yb=5 pow 4 mod 7
Yb=2
2/4/2020Dr.RajniBhalla(LPU)
13

14. Q=7
Q=5
Global elements
Public Keys
Ya=6
Yb=2
Xa=3
Private Key
Private Key
Xb=4
Person 1 Person 2
Now person 1 and person 2 knows their
private key.
Ya,Yb public key will be known to all.
Person A will generate secret key
2/4/2020Dr.RajniBhalla(LPU)
14

15. Now we will calculate secret
key
• To calculate the secret key ,both the sender and receiver will use
public key.
• Value of Yb is 2
• Value of xa=3
Ka = (2)3 mod 7 we get k=1
2/4/2020Dr.RajniBhalla(LPU)
15

16. Calculate kb for person 2
• Kb = (Ya )xb mod q
• Ya = 6
• Xb=4
• Kb = (6 )4 mod 7
• Kb = 1
Both values of ka and kb is 1. So keys are succesfully exhanged.
2/4/2020Dr.RajniBhalla(LPU)
16

17. 2/4/2020Dr.RajniBhalla(LPU)
17

18. • Step 1: Alice and Bob get public numbers P = 23, G = 9
• Step 2: Alice selected a private key a = 4 and Bob
selected a private key b = 3
• Step 3: Alice and Bob compute public values Alice: x
=(9^4 mod 23) = (6561 mod 23) = 6 Bob: y = (9^3 mod
23) = (729 mod 23) = 16
• Step 4: Alice and Bob exchange public numbers
• Step 5: Alice receives public key y =16 and Bob
receives public key x = 6
• Step 6: Alice and Bob compute symmetric keys Alice:
ka = y^a mod p = 65536 mod 23 = 9 Bob: kb = x^b mod
p = 216 mod 23 = 9
• Step 7: 9 is the shared secret.
2/4/2020Dr.RajniBhalla(LPU)
18

19. 2/4/2020Dr.RajniBhalla(LPU)
19

20. References
1. https://www.geeksforgeeks.org/implementation-diffie-
hellman-algorithm/
2. https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_ke
y_exchange
2/4/2020Dr.RajniBhalla(LPU)
20