Diffie-Hellman Key Exchange

Algorithm/Agreement
Symmetric Key Cryptography – The Problem of key Distribution
 Diffie-Hellman Key Exchange
Algorithm/Agreement
• Diffie-Hellman Key Exchange algorithm is an
advanced cryptographic method used to establish a
shared secret key that can be used to perform secret
communication on a public network.
•The key exchange procedure has two steps :
1.One-time setup: Define some public parameters that are
used by everyone forever.
2.Protocol: Run a two-message key exchange protocol to
generate new secret keys. This process is done using some
simple algebra, prime numbers, and properties of modular
arithmetic.
 Algorithm
1. Alice and Bob agree on two large prime numbers, p and g,
and a public key exchange algorithm.
2. Alice chooses a secret integer, a, and computes A = ga mod p.
She sends A to Bob.
3. Bob chooses a secret integer, b, and computes B = gb mod p.
He sends B to Alice.
4. Alice computes k = Ba mod p. Bob computes k = Ab mod p.
5. Alice and Bob now both have shared secret keys, which they
can use to establish a secure communication channel.
 Example
Consider p = 353, g = 3 ( 3 is primitive root of 353)
A’s private key : a = 97
B’s private key : b = 223
Alice computes A = ga mod p = 397 mod 353 = 40
Bob computes B = gb mod p = 3233 mod 353 = 248
After exchange of public keys,
each can compute the common secret key
Alice computes K = (B)a mod p = (248) 97 mod 353 = 160
Bob computes K = (A)b mod p = (40) 253 mod 353 = 160
 Security Threat of the Diffie-Hellman
• Let’s assume that the eavesdropper knows the public values
p and g and with all her knowledge, she still can’t compute
the secret key k, as it turns out, if p and g are properly
chosen, it’s very, very hard for her to do.

• For instance, you could brute force it and try all the options,
but the calculations (mod p) make the discrete log
calculation super slow when the numbers are large.

• Even with its immunity to brute force, it’s vulnerable to

MITM (man in the middle position).
 Man In Middle Attack (MITM)
• Step 1: Selected public numbers p and g, p is a prime number, called
the “modulus” and g is called the base.
• Step 2: Selecting private numbers
Let Alice pick a private random number a and let Bob pick a private
random number b, Malory picks 2 random numbers c and d.
• Step 3: Intercepting public values,
• Malory intercepts Alice’s public value (ga(mod p)), block it from
reaching Bob, and instead sends Bob her own public value (gc(modp))
and Malory intercepts Bob’s public value (gb(mod p)), block it from
reaching Alice, and instead sends Alice her own public value (gd
(modp))
• Step 4: Computing secret key
• Alice will compute a key S1=gda(mod p), and Bob will compute a
different key, S2=gcb(mod p)
• Step 5: If Alice uses S1 as a key to encrypt a later message to Bob,
Malory can decrypt it, re-encrypt it using S2, and send it to Bob.
• Bob and Alice won’t notice any problem and may assume their
communication is encrypted, but in reality, Malory can decrypt, read,
modify, and then re-encrypt all their conversations.