Cryptography-Diffie Hellman Key Exchange Algorithm

1. Mrs.P.Jayaprabha, HOD/AI&DS

2.  Encryption: plaintext -> ciphertext
 Decryption: ciphertext -> plaintext
 Cryptographic function: mathematical
function or algorithm used to
encrypt/decrypt
 Key: parameter for a cryptographic function
 Symmetric vs. asymmetric keys

3.  Alice and Bob want to speak privately over a
public channel
 Eve is always eavesdropping on Alice and Bob
 Mallory has malicious plans to interfere with
Alice and Bob’s private conversation

4.  Alice and Bob derive a shared secret key over
a public channel (no prior arrangements)
 Publicly agree on two public values, 𝑝 and 𝑔
 Each choose a private value, 𝑎 and 𝑏
 Use clever math to compute a shared secret,
𝑘
 Eve and Mallory never overhear enough
information to derive the shared secret

5. Let 𝑝 be a large prime number
Let 𝑔 be an integer <𝑝
For every number 𝑛 from 1 … 𝑝 − 1 , inclusive, 𝑔
must have a power 𝑘 such that:
𝑛 = 𝑔𝑘 mod 𝑝
 Solving the 𝑘𝑡ℎ
root mod 𝑝 is considered (but
not proven) hard to do in polynomial time

6. Solve for 𝑘, given values 𝑝, 𝑔, 𝑎′, 𝑏′ and knowing:
𝑘 = 𝑔𝑎𝑏
= 𝑔𝑏𝑎
𝑎′ = 𝑔𝑎 mod 𝑝
𝑏′
= 𝑔𝑏
mod 𝑝
𝑘 = (𝑏′)𝑎
mod 𝑝
𝑘 = (𝑎′)𝑏 mod 𝑝
 Finding 𝑘 is easy if 𝑎 or 𝑏are known
 Quickly solved by brute force if 𝑝 = 3 and𝑔 = 2
 What if 𝑝 = 6,461,333,867 and 𝑔 = 3,691?

7. Alice starts the exchangeand tells Bob 𝑝 = 7, 𝑔 = 1
Privately, Alice chooses 𝑎 = 3 and Bob chooses 𝑏 = 5
Alice computes 𝑎′ = 𝑔𝑎 mod 𝑝 and tells Bob the result
𝑎′
= 23
mod 7 = 1
Bob computes 𝑏′
= 𝑔𝑏
mod 𝑝 and tells Alice the result
𝑏′
= 25
mod 7 = 4
Since k = 𝑔𝑏𝑎
, Alice can compute 𝑘 = (𝑏′)𝑎
mod 𝑝
𝑘 = (4)3 mod 7 = 1
Since k = 𝑔𝑎𝑏
, Bob can compute 𝑘 = (𝑎′)𝑏
mod 𝑝
𝑘 = (1)5 mod 7 = 1
Meanwhile, Eve doesn’t know 𝑎 or 𝑏 and can’t easily derive 𝑘

8.  Alice generates a pair of keys, publishing one
and keeping the other private
 Anyone may use the published key to encrypt
messages intended for Alice
 Only Alice can decrypt messages encrypted
with the public key (unless the private key
was compromised somehow)
 Alice may also use the key pair to prove her
identity

9.  Computing the product of two prime numbers is
easy (23*17 = 391)
 Factoring the product of two large prime
numbers is “hard”
 Try factoring
123,018,668,453,011,775,513,049,495,838,496
,272,077,285,356,959,533,479,219,732,245,21
5,172,640,050,726,365,751,874,520,219,978,6
46,938,995,647,494,277,406,384,592,519,255,
732,630,345,373,154,826,850,791,702,612,214
,291,346,167,042,921,431,160,222,124,047,92
7,473,779,408,066,535,141,959,745,986,902,1
43,413

10.  Calculate the product 𝑛 = 𝑝𝑞 where 𝑝 and 𝑞
are very large prime numbers (e.g. tens or
even hundreds of digits long)
 Carefully choose exponents 𝑒 and 𝑑 such that
we can publish the key 𝑘𝑝𝑢𝑏 = (𝑛, 𝑒) and retain
the corresponding private key𝑘𝑝𝑟𝑖𝑣 = (𝑛, 𝑑)

11.  Choose an 𝑒 such that 𝑒 < 𝑛 and 𝑒 is coprime
to 𝑝 − 1 𝑞 − 1
 How? For each 𝑒 in {2 … 𝑝𝑞}, test whether
GCD 𝑒, 𝑝 − 1 𝑞 − 1 = 1 until true.*
 Choose a𝑑 such that 𝑒𝑑 − 1 is divisible by
𝑝 − 1 𝑞 − 1
 Now publish 𝑘𝑝𝑢𝑏 = (𝑛, 𝑒) and retain the
private key𝑘𝑝𝑟𝑖𝑣 = (𝑛, 𝑑)
*Euclid’s or Stein’s algorithm are typically used to compute
the GCD.