Diffie-Hellman
• Diffie-Hellman is a public key distribution scheme
• First public-key type scheme, proposed in 1976.
Diffie-Hellman
• Public-key distribution scheme
• Cannot be used to exchange an arbitrary message
• Exchange only a key, whose value depends on the participants (and their private and public key information)
• The algorithm is based on exponentiation in a finite field, either over integers modulo a prime, or a polynomial field
Diffie-Hellman
• The algorithm
– Alice and Bob agree on two large prime numbers, p and q.
– Alice then chooses another large random number x, calculates A such that A = q ^ x mod p, and sends A to Bob.
– Bob also chooses another large number y, calculates B such that B = q ^ y mod p, and sends B to Alice.
– Both Alice and Bob can calculate the key as
  • K1 = B ^ x mod p
  • K2 = A ^ y mod p
  • K1 = K2
– The key may then be used in a private-key cipher to secure communications between A and B
Diffie-Hellman
• Let p = 11 and q = 7
• Alice chooses another number x = 3, then we have A = q ^ x mod p = 7 ^ 3 mod 11 = 2
• Alice sends the number A = 2 to Bob
• Bob chooses another number y = 6, then we have B = q ^ y mod p = 7 ^ 6 mod 11 = 4
• Bob sends the number B = 4 to Alice
• Now Alice generates the secret key, K1 = B ^ x mod p = 4 ^ 3 mod 11 = 9
• Then Bob generates the secret key, K2 = A ^ y mod p = 2 ^ 6 mod 11 = 9
Diffie-Hellman
• Key Exchange:

Alice                              Bob
A = g ^ x mod n                    B = g ^ y mod n
              ------ A ------>
              <------ B ------
K1 = B ^ x mod n                   K2 = A ^ y mod n

Mathematical Theory Behind Algorithm
• First Alice finds the key K1 = B ^ x mod n. But what is B? B = g ^ y mod n, so if we substitute this value of B into K1, then K1 = (g ^ y) ^ x mod n = g ^ yx mod n
• Then Bob finds the key K2 = A ^ y mod n. But what is A? A = g ^ x mod n, so if we substitute this value of A into K2, then K2 = (g ^ x) ^ y mod n = g ^ xy mod n
• Now basic maths says that K ^ yx = K ^ xy, so K1 = K2
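
The exchange from the algorithm and worked-example slides, as an added Python example that is not part of the original slides. It keeps the slides' symbols (p, q, x, y, A, B, K1, K2) and adds two things the slides do not cover: a range check on the received public value and a SHA-256 step that turns the shared integer into a cipher key. The function names are this example's own.

```python
import hashlib
import secrets


def dh_public(q: int, x: int, p: int) -> int:
    """Public value sent to the peer: q ^ x mod p (the slides' A or B)."""
    return pow(q, x, p)


def dh_shared(peer_public: int, private: int, p: int) -> int:
    """Shared key: peer_public ^ private mod p (the slides' K1 or K2).

    Added check, not on the slides: refuse 0, 1 and p-1 (and anything
    outside 2..p-2), because those values force the key into {0, 1, p-1}
    whatever private exponent is used.
    """
    if not 2 <= peer_public <= p - 2:
        raise ValueError("peer public value outside 2..p-2")
    return pow(peer_public, private, p)


def derive_cipher_key(shared: int, p: int) -> bytes:
    """Hash the shared integer into 32 bytes for a private-key cipher.

    SHA-256 over the fixed-width big-endian encoding is an assumption of
    this example; the slides do not specify a derivation step.
    """
    width = (p.bit_length() + 7) // 8
    return hashlib.sha256(shared.to_bytes(width, "big")).digest()


def random_private(p: int) -> int:
    """Private exponent drawn from a CSPRNG in the range 2..p-2."""
    return 2 + secrets.randbelow(p - 3)


def run_exchange(p: int, q: int, x: int, y: int):
    """Both sides of the exchange; returns (A, B, K1, K2)."""
    A = dh_public(q, x, p)      # Alice -> Bob
    B = dh_public(q, y, p)      # Bob -> Alice
    K1 = dh_shared(B, x, p)     # computed by Alice
    K2 = dh_shared(A, y, p)     # computed by Bob
    return A, B, K1, K2


if __name__ == "__main__":
    print(run_exchange(11, 7, 3, 6))   # the slides' toy parameters
```

In the toy group p = 11, q = 7 the exponent 5 yields the public value 10 = p - 1, which the range check rejects, so the slides' fixed x = 3 and y = 6 are used for the demonstration run.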