Diffie-Hellman key exchange Algorithm
As the name suggests, Diffie-Hellman key exchange is a method of securely exchanging cryptographic keys over a public network. The Diffie-Hellman algorithm is used to establish a shared secret, using an elliptic curve, that can be used for secret communication while exchanging data over a public network.
An elliptic curve is used to generate points, and the shared secret is then created using these points.
There are two types of keys:
- Symmetric keys
- Asymmetric keys
Symmetric keys:
In the symmetric key approach, only one key is used for both encryption and decryption. This makes it very easy to use but less secure, as the key needs to be transferred over the public network to the other party so that they can decrypt the encrypted message. A safe method can, however, be used to transfer the key from one party to another.
Asymmetric keys:
This is a public and private key mechanism. Different keys are used to encrypt and decrypt messages. It is more secure than the symmetric key technique, although the process is slower.
Asymmetric keys are well suited to transmitting confidential messages and for assurance that the message has not been tampered with.
Let’s understand how Diffie-Hellman works, using the typical example of Alice and Bob.
- Alice and Bob want to communicate with each other and share information, but not in plain text, so they’ll encrypt the messages in order to maintain confidentiality. But the problem is: how will the other party decrypt the message and read it in plain text?
- That is where Diffie-Hellman comes into the picture.
- While Alice and Bob have their own private keys, they need to generate a shared secret key so that they can both encrypt and decrypt messages easily without sharing their private keys with each other over the public network.
- It makes use of two public numbers, g and n (n is a prime number, g is a primitive root modulo n).
- Alice and Bob choose to use n = 23 and g = 5.
- Let’s suppose Alice has a private key a (4) and Bob has a private key b (3).
- Now we have n = 23, g = 5, a = 4 and b = 3.
- Now Alice will send a value (let’s call it Alice key, i.e. AK) to Bob after calculating g ** a % n, which is equivalent to (5**4 % 23) = 4.
- Now Bob will send his value (let’s call it Bob key, i.e. BK) to Alice after calculating g ** b % n, which is equivalent to (5**3 % 23) = 10.
- Now Alice will have Bob’s BK, that is 10, and Bob will have Alice’s AK, that is 4.
- Now Alice will create a shared secret using her private key (4) and BK. Bob will create a shared secret using his private key (3) and AK.
- The formula to calculate the shared secret is key ** private_key % n.
- For Alice, the shared secret is 10 ** 4 % 23 = 18.
- For Bob, the shared secret is 4 ** 3 % 23 = 18.
- For both Alice and Bob, the shared secret is 18.
This process is a three-step procedure and can be done easily.
- Choose n and g mutually.
- Create a new key using the respective private key.
- Share the keys with each other and create the secret key.
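The exchange above, written out as an added JavaScript example (not code from the original article; the function names are illustrative). It uses the article's toy values n = 23, g = 5, a = 4 and b = 3, checks that g is a primitive root modulo n, and rejects degenerate received values before computing the shared secret.

```javascript
// Added example: textbook Diffie-Hellman with the article's toy numbers.
// Function names are illustrative, not taken from any library.

// Square-and-multiply: computes (base ** exp) % mod without huge intermediates.
function modPow(base, exp, mod) {
  let result = 1n;
  base %= mod;
  while (exp > 0n) {
    if (exp & 1n) result = (result * base) % mod;
    base = (base * base) % mod;
    exp >>= 1n;
  }
  return result;
}

// g is a primitive root modulo prime n if its powers hit every value 1..n-1,
// i.e. the first exponent k with g^k = 1 is k = n - 1.
function isPrimitiveRoot(g, n) {
  let value = 1n;
  for (let k = 1n; k < n; k++) {
    value = (value * g) % n;
    if (value === 1n) return k === n - 1n;
  }
  return false;
}

// Value each party sends over the public network: g ** privateKey % n.
function publicValue(g, privateKey, n) {
  return modPow(g, privateKey, n);
}

// Shared secret: peerValue ** privateKey % n. Reject degenerate peer values
// (0, 1, n-1 or out of range), which would force a predictable secret.
function sharedSecret(peerValue, privateKey, n) {
  if (peerValue < 2n || peerValue > n - 2n) {
    throw new RangeError("peer public value out of range");
  }
  return modPow(peerValue, privateKey, n);
}

const n = 23n, g = 5n;            // public parameters from the article
const a = 4n, b = 3n;             // Alice's and Bob's private keys
const AK = publicValue(g, a, n);  // value Alice sends to Bob
const BK = publicValue(g, b, n);  // value Bob sends to Alice
console.log(isPrimitiveRoot(g, n), AK, BK,
  sharedSecret(BK, a, n), sharedSecret(AK, b, n));
```

These numbers are only large enough to follow by hand; the same functions work unchanged with BigInt values of realistic size.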
Let’s try to understand using a diagram.
Hope this helps you in understanding the working of Diffie-Hellman.