What is the Diffie-Hellman key exchange protocol?

Cryptography provides secure end-to-end communication by employing encryption and decryption. The encryption algorithm converts the input (plaintext) into an encrypted output (ciphertext) using a key. The key must remain secure and unknown to the attacker for the system to stay secure. The two types of cryptosystems are:

  • Symmetric Cryptography: There is one shared key used for both encryption and decryption.

  • Asymmetric Cryptography: There are two keys (private key and public key), one for encryption and the other for decryption.

A key exchange protocol is used for symmetric cryptosystems to establish the shared key by communicating it over an insecure channel, requiring no previous connections.

For example, if A and B want to exchange encrypted messages, A and B will not need to meet in person secretly to share the key. Instead, they can use an insecure channel effectively and share the key using the Diffie-Hellman key exchange protocol (DH protocol).

Diffie-Hellman protocol

Based on modular exponentiation, the DH protocol is named after its inventors Whitfield Diffie and Martin Hellman. The steps involved in exchanging the key using this protocol are as follows:

Suppose person A wants to communicate with person B over an insecure channel. The first requirement would be to pick the following two public parameters:

  • p: large prime number
  • g: a generator number in the range 0 < g < p-1.
  1. Person A will then pick a secret number x in the range 0 < x < p-2 and calculate X = gxg^{{x}} mod p.

  2. A will send X over to B.

  3. Person B will pick a secret number y in the range 0 < y < p-2 and calculate Y = gyg^{{y}} mod p.

  4. B will send Y over to A.

  5. This way, A and B will successfully exchange the necessary parameters to calculate the shared key. A calculates the key as K1 = YxY^{{x}} mod p. B calculates the key as K2 = XyX^{{y}} mod p. A and B have calculated the same key K = gxyg^{{xy}} mod p since K1 = K2.

Note that steps 1 and 3 and steps 2 and 4 can be performed parallel, with no fixed order.

The illustration below depicts the above-mentioned steps, as follows:

DH Protocol

The security of the DH Protocol relies on the fact that the functions X and Y are one-way. It is computationally infeasible to calculate the corresponding keys for an attacker who knows the leaked values of X and Y. Although the DH Protocol is safe against passive attackers, it is vulnerable against active attackers who can modify messages and interfere with the shared key.

Free Resources

Copyright ©2024 Educative, Inc. All rights reserved