[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Diffie Hellman



	 What is the best reference to the Diffie Hellman key
	 exchange algorithm? (Preferably on line)
	 Thanks

Any decent book on cryptography should explain it.  The idea was
originally proposed in

@article{Diffie76,
   author = {Whitfield Diffie and Martin E. Hellman},
   journal = {IEEE Transactions on Information Theory},
   month = {November},
   pages = {644--654},
   title = {New Directions in Cryptography},
   volume = {IT-11},
   year = {1976}
}

The basic idea is simple.  Pick a large number p (probably a prime),
and a base b that is a generator of the group of integers modulo p.
Now, it turns out that given a known p, b, and (b^x) mod p, it's
extremely hard to find out x.  That's known as the discrete log problem.

Here's how to use it.  Let two parties, X and Y, pick random numbers
x and y, 1 < x,y < p.  They each calculate

	(b^x) mod p

and

	(b^y) mod p

and transmit them to each other.  Now, X knows x and (b^y) mod p, so
s/he can calculate (b^y)^x mod p = (b^(xy)) mod p.  Y can do the
same calculation.  Now they both know (b^(xy)) mod p.  But eavesdroppers
know only (b^x) mod p and (b^y) mod p, and can't use those quantities
to recover the shared secret.  Typically, of course, X and Y will
use that shared secret as a key to a conventional cryptosystem.

The biggest problem with the algorithm, as outlined above, is that
there is no authentication.  An attacker can sit in the middle and
speak that protocol to each legitimate party.

One last point -- you can treat x as a secret key, and publish
(b^X) mod p as a public key.  Proof is left as an exercise for
the reader.

		--Steve Bellovin