The Diffie-Hellman Algorithm
Download as PPT, PDF6 likes3,954 views
The Diffie-Hellman algorithm was discovered by Whitfield Diffie and Martin Hellman. It allows two users to exchange a secret key over an untrusted network without any prior secrets. The algorithm uses public and private keys to generate a shared secret key known only to the two parties. It is widely used in applications like SSL/TLS, SSH, IPSec, and PKI due to its ability to establish secure shared secrets over insecure channels.
The Diffie-Hellman Algorithm
- 1. The Diffie-Hellman Algorithm Er. Jay Nagar(Cyber Security Researcher ) www.jaynagarblog.worpress.com
- 2. Overview • Introduction • Implementation • Example • Applications • Conclusion J@Y_IT The Diffie-Hellman Algorithm 2
- 3. Introduction • Discovered by Whitfield Diffie and Martin Hellman – “New Directions in Cryptography” • Diffie-Hellman key agreement protocol – Exponential key agreement – Allows two users to exchange a secret key – Requires no prior secrets – Real-time over an untrusted network J@Y_IT The Diffie-Hellman Algorithm 3
- 4. Introduction • Security of transmission is critical for many network and Internet applications • Requires users to share information in a way that others can’t decipher the flow of information “It is insufficient to protect ourselves with laws; we need to protect ourselves with mathematics.” -Bruce Schneier J@Y_IT The Diffie-Hellman Algorithm 4
- 5. Introduction • Based on the difficulty of computing discrete logarithms of large numbers. • No known successful attack strategies* • Requires two large numbers, one prime (P), and (G), a primitive root of P J@Y_IT The Diffie-Hellman Algorithm 5
- 6. Implementation • P and G are both publicly available numbers – P is at least 512 bits • Users pick private values a and b • Compute public values – x = ga mod p – y = gb mod p • Public values x and y are exchanged J@Y_IT The Diffie-Hellman Algorithm 6
- 7. Implementation Copyright, 2001 by NetIP, Inc. and Keith Palmgren, CISSP.J@Y_IT The Diffie-Hellman Algorithm 7
- 8. Implementation • Compute shared, private key – ka = ya mod p – kb = xb mod p • Algebraically it can be shown that ka = kb – Users now have a symmetric secret key to encrypt J@Y_IT The Diffie-Hellman Algorithm 8
- 9. Implementation Copyright, 2001 by NetIP, Inc. and Keith Palmgren, CISSP.J@Y_IT The Diffie-Hellman Algorithm 9
- 10. Example • Two Internet users, Alice and Bob wish to have a secure conversation. – They decide to use the Diffie-Hellman protocol J@Y_IT The Diffie-Hellman Algorithm 10
- 11. Example • Bob and Alice are unable to talk on the untrusted network. –Who knows who’s listening? J@Y_IT The Diffie-Hellman Algorithm 11
- 12. Example • Alice and Bob get public numbers – P = 23, G = 9 • Alice and Bob compute public values – X = 94 mod 23 = 6561 mod 23 = 6 – Y = 93 mod 23 = 729 mod 23 = 16 • Alice and Bob exchange public numbers J@Y_IT The Diffie-Hellman Algorithm 12
- 13. Example • Alice and Bob compute symmetric keys – ka = ya mod p = 164 mod 23 = 9 – kb = xb mod p = 63 mod 23 = 9 • Alice and Bob now can talk securely! J@Y_IT The Diffie-Hellman Algorithm 13
- 14. Applications • Diffie-Hellman is currently used in many protocols, namely: – Secure Sockets Layer (SSL)/Transport Layer Security (TLS) – Secure Shell (SSH) – Internet Protocol Security (IPSec) – Public Key Infrastructure (PKI) J@Y_IT The Diffie-Hellman Algorithm 14
- 15. Conclusion • Authenticated Diffie-Hellman Key Agreement (1992) – Defeats middleperson attack • Diffie-Hellman POP Algorithm – Enhances IPSec layer • Diffie-Hellman continues to play large role in secure protocol creation J@Y_IT The Diffie-Hellman Algorithm 15
- 16. Additional Sources • http://www.sans.org/rr/encryption/algorithm .php • http://www.hack.gr/users/dij/crypto/overvie w/index.html • http://WWW.Wikipidia.com J@Y_IT The Diffie-Hellman Algorithm 16