3. Background
A few “key” concepts
• Encryption: plaintext -> ciphertext
• Decryption: ciphertext -> plaintext
• Cryptographic function: mathematical
function or algorithm used to encrypt/decrypt
• Key: parameter for a cryptographic function
• Symmetric vs. asymmetric keys
4. So four people walk into a bar…
Alice, Bob, Eve, and Mallory
• Alice and Bob want to speak privately over a
public channel
• Eve is always eavesdropping on Alice and Bob
• Mallory has malicious plans to interfere with
Alice and Bob’s private conversation
5. Diffie-Hellman key exchange
The concept
• Alice and Bob derive a shared secret key over
a public channel (no prior arrangements)
• Publicly agree on two public values, 𝑝 and 𝑔
• Each choose a private value, 𝑎 and 𝑏
• Use clever math to compute a shared secret, 𝑘
• Eve and Mallory never overhear enough
information to derive the shared secret
6. Diffie-Hellman key exchange
The math: discrete logarithm problem
Let 𝑝 be a large prime number
Let 𝑔 be an integer < 𝑝
For every number 𝑛 from 1 … 𝑝 − 1 , inclusive,
𝑔 must have a power 𝑘 such that:
𝑛 = 𝑔𝑘
mod 𝑝
• Solving the 𝑘𝑡ℎ
root mod 𝑝 is considered (but
not proven) hard to do in polynomial time
7. Diffie-Hellman key exchange
The math: discrete logarithm in action
Solve for 𝑘, given values 𝑝, 𝑔, 𝑎′, 𝑏′ and knowing:
𝑘 = 𝑔𝑎𝑏
= 𝑔𝑏𝑎
𝑎′
= 𝑔𝑎
mod 𝑝
𝑏′
= 𝑔𝑏
mod 𝑝
𝑘 = (𝑏′)𝑎
mod 𝑝
𝑘 = (𝑎′)𝑏
mod 𝑝
• Finding 𝑘 is easy if 𝑎 or 𝑏 are known
• Quickly solved by brute force if 𝑝 = 3 and 𝑔 = 2
• What if 𝑝 = 6,461,333,867 and 𝑔 = 3,691?
8. Diffie-Hellman key exchange
Example using small numbers
Alice starts the exchange and tells Bob 𝑝 = 7, 𝑔 = 1
Privately, Alice chooses 𝑎 = 3 and Bob chooses 𝑏 = 5
Alice computes 𝑎′ = 𝑔𝑎 mod 𝑝 and tells Bob the result
𝑎′
= 23
mod 7 = 1
Bob computes 𝑏′ = 𝑔𝑏 mod 𝑝 and tells Alice the result
𝑏′ = 25 mod 7 = 4
Since k = 𝑔𝑏𝑎
, Alice can compute 𝑘 = (𝑏′)𝑎
mod 𝑝
𝑘 = (4)3
mod 7 = 1
Since k = 𝑔𝑎𝑏
, Bob can compute 𝑘 = (𝑎′)𝑏
mod 𝑝
𝑘 = (1)5 mod 7 = 1
Meanwhile, Eve doesn’t know 𝑎 or 𝑏 and can’t easily derive 𝑘
9. RSA key generation
The concept
• Alice generates a pair of keys, publishing one
and keeping the other private
• Anyone may use the published key to encrypt
messages intended for Alice
• Only Alice can decrypt messages encrypted
with the public key (unless the private key was
compromised somehow)
• Alice may also use the key pair to prove her
identity
10. RSA key generation
The math: factoring problem
• Computing the product of two prime numbers is
easy (23*17 = 391)
• Factoring the product of two large prime
numbers is “hard”
• Try factoring
123,018,668,453,011,775,513,049,495,838,496,2
72,077,285,356,959,533,479,219,732,245,215,17
2,640,050,726,365,751,874,520,219,978,646,938
,995,647,494,277,406,384,592,519,255,732,630,
345,373,154,826,850,791,702,612,214,291,346,1
67,042,921,431,160,222,124,047,927,473,779,40
8,066,535,141,959,745,986,902,143,413
11. RSA key generation
The math: public and private key pair
• Calculate the product 𝑛 = 𝑝𝑞 where 𝑝 and 𝑞
are very large prime numbers (e.g. tens or
even hundreds of digits long)
• Carefully choose exponents 𝑒 and 𝑑 such that
we can publish the key 𝑘𝑝𝑢𝑏 = (𝑛, 𝑒) and
retain the corresponding private key 𝑘𝑝𝑟𝑖𝑣 =
(𝑛, 𝑑)
12. RSA key generation
The math: “exponential” difficulty
• Choose an 𝑒 such that 𝑒 < 𝑛 and 𝑒 is coprime
to 𝑝 − 1 𝑞 − 1
• How? For each 𝑒 in {2 … 𝑝𝑞}, test whether
GCD 𝑒, 𝑝 − 1 𝑞 − 1 = 1 until true.*
• Choose a 𝑑 such that 𝑒𝑑 − 1 is divisible by
𝑝 − 1 𝑞 − 1
• Now publish 𝑘𝑝𝑢𝑏 = (𝑛, 𝑒) and retain the
private key 𝑘𝑝𝑟𝑖𝑣 = (𝑛, 𝑑)
*Euclid’s or Stein’s algorithm are typically used to compute the GCD.
13. References
Some light reading on the web
RSA Laboratories: 3.6.1 What is Diffie-Hellman?
David A. Carts: A Review of the Diffie-Hellman Algorithm
and its Use in Secure Internet Protocols.
RSA Laboratories: What is the RSA Cryptosystem?
RSA Laboratories: RSA Factoring Challenge.
BigPrimes.net: Prime Numbers Archive.