DIFFIE-HELLMAN KEY

EXCHANGE
 2

OBJECTIVES
Diffie-Hellman Key Exchange
Attacks on Diffie-Hellman
PROBLEM OF KEY
EXCHANGE?
 Click to add picture

KEY EXCHANGE PROBLEMS

 The problem of key exchange arises when two parties need to establish a

shared secret key for secure. communication over an insecure channel (e.g., the
internet) without it being intercepted by a third party (eavesdropper)
 Insecure channels: any message (including the secret key) can be

intercepted.
 Man-in-the-middle-attacks: An attacker could intercept key exchange

messages and replace them with their own, tricking both parties into sharing
keys with the attacker.
 Scalability issues: In large networks, manually distributing secret keys

securely to all participants is impractical

 5

DIFFIE-HELLMAN KEY
EXCHANGE
 The Diffie-Hellman Key Exchange protocol offers a way in which
a public channel can be used to create a confidential shared key.
• Invented by Whitfield Diffie and Martin Hellman in 1976.
• Used for secure key exchange over an insecure channel.
• Foundation for many cryptographic protocols.
COLOR EXAMPLE 6

Alice & Bob with Eve listening wish to

make a secret shared color
 7
STEP 1 - BOTH PUBLICLY AGREE TO A
SHARED COLOR
 8
STEP 1 - BOTH PUBLICLY AGREE TO A
SHARED COLOR
 9

STEP 2 - EACH PICKS A SECRET COLOR

STEP 3 - EACH ADDS THEIR SECRET COLOR10
TO THE SHARED COLOR
STEP 4 - EACH SENDS THE OTHER THEIR 11
NEW MIXED COLOR
EACH COMBINES THE SHARED COLOR FROM THE OTHER
12
WITH THEIR OWN SECRET COLOR
 13

DIFFIE-HELLMAN

 We will rely on the formula below being an

easy problem one direction and hard in
reverse.
 s = gn mod p
• Easy: given g, n, & p, solve for s
• Hard: given s, g, & p, solve for n
 And the property of
• ga*b mod p = gb*a mod p
 14

STEP 1- PUBLICLY
PARAMETERS
1. Alice & Bob publicly agree to a large
prime number called the modulus, or p.
2. Alice & Bob publicly agree to a number
called the generator, or g, which has a
primitive root relationship with p.
3. In our example we’ll assume
a. p = 17
b. g = 3
4. Eve is aware of the values of p or g.
 15

STEP 2- PRIVATE SECRET

KEY
1. Alice selects a secret key, which we will
call a.
2. Bob selects a secret key, which we will
call b.
3. For our example assume:
a. a = 54
b. b = 24
4. Eve is unaware of the values of a or b.
 16
STEP 3- COMBINE SECRET KEY
WITH PUBLIC PARAMETER
1. Alice combines her secret key of a with
the public information to compute A.
a. A = ga mod p
b. A = 354 mod 17
c. A = 15
 17
STEP 3- COMBINE SECRET KEY
WITH PUBLIC PARAMETER
2. Bob combines his secret key of b with the
public information to compute B.
a. B = gb mod p
b. B = 354 mod 17
c. B = 16
 18
STEP 4- SHARE COMBINED
VALUES
1. Alice shares her combined value, A, with Bob. Bob
shares his combined value, B, with Alice.
2. Sent to Bob
a. A = 15
3. Sent to Alice
a. B = 16
4. Eve is privy to this exchange and knows the
values of A and B
 19

STEP 5- COMPUTE SHARED KEY

1. Alice computes the shared key.
a. s = (B mod p)a mod p
b. s = gb*a mod p
c. s = 354*24 mod 17
d. s = 1
2. Bob computes the shared key.
a. s = (A mod p)a mod p
b. s = ga*b mod p
c. s = 324*54 mod 17
d. s = 1
 20
MAN-IN-THE-MIDDLE-ATTACK ON DIFFIE-
HELLMAN

Click icon to add picture

THANK
YOU!