Diffie-Hellman key exchange/agreement algorithm

1. Diffie-Hellman key exchange/agreement algorithm

2. Introduction • It is provide the solution to the problem of key agreement or key exchange. • Two party agree on symmetric key. This key can be used for encryption/decryption. • This algorithm only for key agreement not for encryption and decryption.

3. Description of the algorithm • Suppose Alice and Bob want to agree upon a key to be used for encryption / decryption message that would be exchanged between them. Then diffie-hellman key exchange works as follows: • 1. Alice & bob agree on two large prime numbers: n and g (note: these two integer need not be kept secret, insecure channel) • 2. Alice choose another large random number x and calculate A such that, • 3. Alice send the number A to Bob. • 4. Bob independently choose another large random integer y and calculate B such that, • 5. Bob send the number B to Alice. • 6. Alice, now compute the secret key K1 as follows: A = gx mod n B = gy mod n K1 = Bx mod n

4. Description of the algorithm • 7. Bob, now compute the secret key K2 as follows: • 8. Surprise, K1=K2=K (which is symmetric key) K2 = Ay mod n

5. Example of the Diffie -Hellman algorithm Large Prime Number Alice n=11,g=7 Bob Large Random Number Large Random Number x=3 y=6 A = 73 mod 11 = 2 B = 76 mod 11 = 4 B = 4 A = 2 K1 = 43 mod 11 = 9 K2 = 26 mod 11 = 9 K1 = K2 = K Note: A,B,K1,K2 are Private to others

6. Mathematics Theory behind the algorithm • 1) Alice perform K1 Now what is B? • If we put B value into K1 then, • 2) Bob perform K2 Now what is A? • If we put A value into K2 then, • Now Basic Mathematics says that, K1 = Bx mod n B = gy mod n K1 = (gy mod n)x mod n K1 = gyx mod n K2 = Ay mod n A = gx mod n K2 = (gx mod n)y mod n K2 = gxy mod n Kyx = Kxy so that K1=K2=K (Proof)

7. Problem with the Algorithm • Can diffie-hellman solve our problem associated with key exchange? Unfortunately, not quite! • This algorithm fall into “man in the middle attack” • This work as follows: • Step-1: • Alice want to communicate to Bob so as usual they use diffie-hellman key exchange so Let n=11 & g=7. they find K1 and K2 . • Step-2: • Alice does not realize that the attacker TOM is listening the conversation between her and Bob. • TOM simply pick up the value of n and g. (n=11,g=7) • Alice TOM Bob • Step-3: • Now let us assume that Alice, TOM & Bob select random number x & y as bellow: • Alice TOM Bob n=11,g=7 n=11,g=7 n=11,g=7 x=3 x=8,y=6 y=9

8. Problem with the Algorithm • Step-4: • Now all these person calculate the value of A and B. A=gx mod n A=gx mod n B=gy mod n =73 mod 11 =2 =78 mod 11 = 9 =79 mod 11 = 8 B=gy mod n =76 mod 11 = 4 • Step-5: Alice TOM Bob A=2 TOM intercept The value of A And send Bob his Own value of A A=9 TOM intercept The value of B And send Alice his Own value of B B=4 B=8

9. Problem with the Algorithm • Step-6: • So at last value of A,B to users are: * indicate value of A and B changed. • Step-7: • Based on these values, all the three person now calculate their Keys. A=2,B=4* A=2,B=8 A=9*,B=8 Alice TOM Bob K1=Bx mod n =43 mod 11 =9 K1=Bx mod n =88 mod 11 =5 K2=Ay mod n =26 mod 11 =9 K2=Ay mod n =99 mod 11 =5 Solution: ? ( User authentication required )