Page 1 of 1

9.3.1 Diffie-Hellman
The Diffie-Hellman scheme [295] was the first public key cryptosystem proposed, and it is still
in use today. A pair of users use this algorithm to generate a common key. It is based on the
discrete logarithm problem. This problem is to find a value of k such that n = gk mod p for a
given n, g, and prime p. Although solutions are known for small values of p, the difficulty
increases exponentially as p increases [605].

In this cryptosystem, all users share a common modulus p and a g other than 0, 1, or p – 1.
Each user chooses a private key k and computes a public key K. When two users want to
communicate, each enciphers the other's public key using their own private key, and uses the
result as the shared secret key S.

EXAMPLE: Alice and Bob have chosen p = 53 and g = 17. They choose their private
keys to be kAlice = 5 and kBob = 7. Their public keys are KAlice = 175 mod 53 = 40 and
KBob = 177 mod 53 = 6.

Suppose Bob wishes to send Alice a message. He computes a shared secret key by
enciphering Alice's public key using his private key:

SBob,Alice = KAlicekBob mod p = 407 mod 53 = 38

and enciphers his message using this key (and any desired secret key cryptosystem).
When Alice gets the message, she computes the key she shares with Bob as

SAlice,Bob = KBobkAlice mod p = 65 mod 53 = 38

and can decipher the message. The mathematical properties of modular

exponentiation ensure that for any two users A and B, SA,B = SB,A (see Exercise 9).

Because the users share a common secret key S, the Diffie-Hellman scheme is an example of a
symmetric key exchange protocol. Under the assumption that solving the discrete logarithm
problem is computationally infeasible, deriving a private key from the corresponding public key
is also computationally infeasible. In practice, p must be very large (hundreds of bits) for this
assumption to be met.

26/05/2010