Scribd
Upload
76 views

The Diffie-Hellman Algorithm: Dr. Amjad Ali Department of Computer Science COMSATS University Islamabad, Lahore Campus

The document discusses the Diffie-Hellman key exchange algorithm. It was discovered by Whitfield Diffie and Martin Hellman and allows two users to exchange a secret key over an untrusted network without any prior secrets. It uses large prime numbers and discrete logarithms to generate the key. The algorithm is widely used today to securely transmit data over SSL, SSH, IPSec and other protocols.

Uploaded by

Shaheer Arshad
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
76 views

The Diffie-Hellman Algorithm: Dr. Amjad Ali Department of Computer Science COMSATS University Islamabad, Lahore Campus

The document discusses the Diffie-Hellman key exchange algorithm. It was discovered by Whitfield Diffie and Martin Hellman and allows two users to exchange a secret key over an untrusted network without any prior secrets. It uses large prime numbers and discrete logarithms to generate the key. The algorithm is widely used today to securely transmit data over SSL, SSH, IPSec and other protocols.

Uploaded by

Shaheer Arshad
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 14

The Diffie-Hellman Algorithm

Dr. Amjad Ali


Department of Computer Science
COMSATS University Islamabad, Lahore Campus
Overview

 Introduction

 Implementation

 Example

 Applications

 Conclusion
Introduction
 Discovered by Whitfield Diffie and Martin Hellman
 “New Directions in Cryptography”

 Diffie-Hellman key agreement protocol


 Exponential key agreement
 Allows two users to exchange a secret key
 Requires no prior secrets
 Real-time over an untrusted network
Introduction
 Security of transmission is critical for many
network and Internet applications
 Requires users to share information in a way that
others can’t decipher the flow of information

“It is insufficient to protect ourselves with laws; we


need to protect ourselves with mathematics.”
-Bruce Schneier
Introduction
 Based on the difficulty of computing discrete
logarithms of large numbers.

 No known successful attack strategies*

 Requires two large numbers, one prime (P), and (G),


a primitive root of P
Implementation
 P and
G are both publicly available
numbers
P is at least 512 bits
 Users
pick private values a and b
 Compute public values
x = ga mod p
y = gb mod p
 Public values x and y are exchanged
Implementation
Implementation

 Compute shared, private key


ka = ya mod p
kb = xb mod p

 Algebraically it can be shown that ka = kb


Users now have a symmetric secret key to encrypt
Example
 Two Internet users, Alice and Bob wish to have a secure
conversation.
 They decide to use the Diffie-Hellman protocol
Example

 Bob and Alice are unable to talk on the untrusted


network.

–Who knows who’s listening?


Example

 Alice and Bob get public numbers


P = 23, G = 9

 Alice and Bob compute public values


X = 94 mod 23 = 6561 mod 23 = 6
Y = 93 mod 23 = 729 mod 23 = 16

 Alice and Bob exchange public numbers


Example
 Alice and Bob compute private keys
ka = ya mod p = 164 mod 23 = 9
kb = xb mod p = 63 mod 23 = 9

 Alice and Bob now can talk securely!


Applications

 Diffie-Hellman is currently used in many protocols,


namely:
 Secure Sockets Layer (SSL)/Transport Layer Security
(TLS)
 Secure Shell (SSH)
 Internet Protocol Security (IPSec)
 Public Key Infrastructure (PKI)
Conclusion
 Authenticated Diffie-Hellman Key Agreement
(1992)
 Defeats middleperson attack

 Diffie-Hellman POP Algorithm


 Enhances IPSec layer

 Diffie-Hellman continues to play large role in


secure protocol creation

You might also like