
Diffie-Hellman Key Exchange Algorithm

The Diffie-Hellman key exchange algorithm allows two users to establish a shared secret key over an insecure channel. The users agree on public parameters, a prime number and a primitive root of that prime, and each chooses a secret random number. They then compute and exchange public keys based on these values, and each derives the same secret key. However, the exchange is vulnerable to man-in-the-middle attacks, in which an adversary impersonates each user to the other and intercepts the key exchange. This vulnerability can be overcome by using digital signatures to authenticate the identities of the users.

Uploaded by

Ananda Jaiswal

DIFFIE-HELLMAN KEY EXCHANGE ALGORITHM

Example-1

Users Alice and Bob, who wish to exchange keys, agree on the prime $q = 353$ and $\alpha = 3$. They select random secret keys: A chooses $x_A = 97$, B chooses $x_B = 233$. They compute their respective public keys:

$y_A = \alpha^{x_A} \bmod q$ (Alice)

$y_A = 3^{97} \bmod 353 = 40$

$y_B = \alpha^{x_B} \bmod q$ (Bob)

$y_B = 3^{233} \bmod 353 = 248$

Compute the common key as:

• A computes $K = (y_B)^{x_A} \bmod 353 = 248^{97} \bmod 353 = 160$ (Alice)

• B computes $K = (y_A)^{x_B} \bmod 353 = 40^{233} \bmod 353 = 160$ (Bob)


Example-2

Explain the Diffie-Hellman key exchange in detail. Users A and B use the Diffie-Hellman key exchange technique with a common prime $q = 71$ and a primitive root $\alpha = 7$.

1) If user A has private key $X_A = 5$, what is A's public key $Y_A$?
2) If user B has private key $X_B = 12$, what is B's public key $Y_B$?
3) What is the shared secret key?

Example-3

Consider a Diffie-Hellman scheme with a common prime $q = 11$ and a primitive root $\alpha = 2$.

1) Show that 2 is a primitive root of 11.
2) If user A has public key $Y_A = 9$, what is A's private key $X_A$?
3) If user B has public key $Y_B = 3$, what is the shared secret key $K$?

Solutions:

1) If $\alpha$ is a primitive root of the prime number $p$, then the numbers

$\alpha \bmod p,\ \alpha^{2} \bmod p,\ \ldots,\ \alpha^{p-1} \bmod p$

are distinct and consist of the integers from 1 through $p-1$ in some permutation.

For 2 to be a primitive root of 11, the values

$2^{1} \bmod 11 = 2$
$2^{2} \bmod 11 = 4$
$2^{3} \bmod 11 = 8$
$2^{4} \bmod 11 = 5$
$2^{5} \bmod 11 = 10$
$2^{6} \bmod 11 = 9$
$2^{7} \bmod 11 = 7$
$2^{8} \bmod 11 = 3$
$2^{9} \bmod 11 = 6$
$2^{10} \bmod 11 = 1$

must be distinct and must be the integers from 1 to 10.

That is, 2, 4, 8, 5, 10, 9, 7, 3, 6, 1 are the integers from 1 to 10, each appearing once.

Therefore, 2 is a primitive root of 11.

2) If user A has public key $Y_A = 9$:

$Y_A = \alpha^{X_A} \bmod q$

$9 = 2^{X_A} \bmod 11$

$X_A = 6$

3) If user B has public key $Y_B = 3$, then the shared secret key is:

Session key $K$ computed by A $= (Y_B)^{X_A} \bmod q$

$= 3^{6} \bmod 11$

$= 3$
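
The calculations in Examples 1 to 3 can be reproduced with the short program below. It is an added example, not part of the original document; the function names are this example's own, and it goes slightly beyond the worked solutions by also evaluating the Example-2 parameters and by searching for a private key exhaustively, which is only feasible because the primes here are tiny.

```python
# Added example: textbook Diffie-Hellman over a small prime field.
# Function names are this example's own; the numbers come from the page.

def public_key(alpha, x, q):
    """y = alpha^x mod q."""
    return pow(alpha, x, q)

def shared_key(y_other, x_own, q):
    """K = (other side's public key)^(own private key) mod q."""
    return pow(y_other, x_own, q)

def is_primitive_root(alpha, q):
    """True if alpha^1 .. alpha^(q-1) mod q cover every integer 1..q-1 (q prime)."""
    powers = {pow(alpha, k, q) for k in range(1, q)}
    return powers == set(range(1, q))

def discrete_log(alpha, y, q):
    """Exhaustive search for x with alpha^x mod q == y; feasible only for toy q."""
    value = 1
    for x in range(1, q):
        value = (value * alpha) % q
        if value == y:
            return x
    raise ValueError("y is not a power of alpha modulo q")

def exchange(q, alpha, x_a, x_b):
    """Run both sides of the exchange and return (y_a, y_b, k_a, k_b)."""
    if not is_primitive_root(alpha, q):
        raise ValueError("alpha is not a primitive root of q")
    y_a, y_b = public_key(alpha, x_a, q), public_key(alpha, x_b, q)
    # Each side combines the other's public key with its own private key.
    return y_a, y_b, shared_key(y_b, x_a, q), shared_key(y_a, x_b, q)

if __name__ == "__main__":
    print("Example-1:", exchange(353, 3, 97, 233))
    print("Example-2:", exchange(71, 7, 5, 12))
    x_a = discrete_log(2, 9, 11)          # Example-3, part 2
    print("Example-3: XA =", x_a, "K =", shared_key(3, x_a, 11))
    # With q = 353 an eavesdropper recovers Alice's secret from her public key.
    print("xA recovered from yA = 40:", discrete_log(3, 40, 353))
```

The last line shows why the primes in these exercises are for hand calculation only: with so small a modulus, the private key falls out of the public key by simple enumeration.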

Example-4

Man-in-the-Middle Attack

• The Diffie-Hellman protocol is insecure against a man-in-the-middle attack. Suppose Alice and Bob wish to exchange keys, and Darth is the adversary. The attack proceeds as follows.

• At this point, Bob and Alice think that they share a secret key, but instead Bob and Darth share secret key and Alice and Darth share secret key . All future communication between Bob and Alice is compromised in the following way.

• The key exchange protocol is vulnerable to such an attack because it does not authenticate the participants.

• This vulnerability can be overcome with the use of digital signatures and public-key certificates.
