Professional Documents
Culture Documents
Alice
Bob
Common paint
+
Secret colours
Public transport
(assume
that mixture separation
is expensive)
+
Secret colours
=
Common secret
1 Description
The system...has since become known as
DieHellman key exchange. While that system was rst described in a paper by Die and
me, it is a public key distribution system, a concept developed by Merkle, and hence should be
called 'DieHellmanMerkle key exchange'
if names are to be associated with it. I hope
this small pulpit might help in that endeavor
to recognize Merkles equal contribution to the
invention of public key cryptography.[2]
1.1
Cryptographic explanation
The simplest and the original implementation of the protocol uses the multiplicative group of integers modulo p,
where p is prime, and a primitive root modulo p. Here
is an example of the protocol, with non-secret values in
blue, and secret values in red.
1. Alice and Bob agree to use a prime number p = 23
and base g = 5 (which is a primitive root modulo 23).
DESCRIPTION
1.2
3
A = Alices public key, known to Alice, Bob, and An eavesdropper has been able to see g a , g b , g c , g ab ,
Eve. A = ga mod p = 8
g ac , and g bc , but cannot use any combination of these
to reproduce g abc .
B = Bobs public key, known to Alice, Bob, and Eve.
To extend this mechanism to larger groups, two basic
B = gb mod p = 19
principles must be followed:
Now s = the shared secret key and it is known to both
Alice and Bob, but not to Eve. s = 2
Note: It should be dicult for Alice to solve for Bobs
private key or for Bob to solve for Alices private key.
If it is not dicult for Alice to solve for Bobs private
key (or vice versa), Eve may simply substitute her own
private / public key pair, plug Bobs public key into her
private key, produce a fake shared secret key, and solve
for Bobs private key (and use that to solve for the shared
secret key. Eve may attempt to choose a public / private
key pair that will make it easy for her to solve for Bobs
private key). Another demonstration of Die-Hellman
(also using numbers too small for practical use) is given
here [3]
DieHellman key agreement is not limited to negotiating a key shared by only two participants. Any number of
users can take part in an agreement by performing iterations of the agreement protocol and exchanging intermediate data (which does not itself need to be kept secret).
For example, Alice, Bob, and Carol could participate in a
DieHellman agreement as follows, with all operations
taken to be modulo p :
1.
2.
3.
4.
5.
6.
7.
5 SEE ALSO
5. Participants E through H simultaneously perform
the same operations using g abcd as their starting
point.
4 Other uses
4.1 Password-authenticated
ment
key agree-
The sender can produce only the public part of the key,
whereas only the receiver can compute the private part.
Because of that, the receiver is the only one who can release the funds after the transaction is committed. They
need to perform a single-formula check on each transactions to establish if it belongs to them. This process
involves their private key, therefore no third party can
perform this check and discover the link between the onetime key generated by the sender and the receivers unique
public address.
5 See also
Key exchange
Cryptography portal
5
Modular arithmetic
Elliptic curve DieHellman
Public-key cryptography
ElGamal encryption
DieHellman problem
MQV
Password-authenticated key agreement
Secure Remote Password Protocol
Notes
DieHellman protocol
DieHellman handshake
References
[1] GCHQ trio recognised for key to secure shopping online. BBC. 5 October 2010. Retrieved 5 August 2014.
[2] IEEE Communications Magazine Homepage | IEEE
Communications Society. Comsoc.org. Retrieved on
2013-10-29.
[3] http://buchananweb.co.uk/security02.aspx
[4] A Heuristic Quasi-Polynomial Algorithm for Discrete
Logarithm in Finite Fields of Small Characteristic, Razvan Barbulescu, Pierrick Gaudry, Antoine Joux, Emmanuel Thom, Advances in Cryptology EUROCRYPT
2014, Lecture Notes in Computer Science, Volume 8441,
2014, pp 1-16.
8 External links
Public Key Cryptography: Die-Hellman Key Exchange - A 5 minute YouTube video by Khan
Academy faculty member Brit Cruise
Oral history interview with Martin Hellman, Charles
Babbage Institute, University of Minnesota. Leading cryptography scholar Martin Hellman discusses
the circumstances and fundamental insights of his
invention of public key cryptography with collaborators Whiteld Die and Ralph Merkle at Stanford
University in the mid-1970s.
RFC 2631 DieHellman Key Agreement Method
E. Rescorla June 1999.
Summary of ANSI X9.42: Agreement of Symmetric Keys Using Discrete Logarithm Cryptography
(64K PDF le) (Description of ANSI 9 Standards)
9.1
Text
DieHellman key exchange Source: http://en.wikipedia.org/wiki/DiffieHellman_key_exchange?oldid=631374275 Contributors: AxelBoldt, Malcolm Farmer, Etu, Arvindn, PierreAbbat, PhilipMW, Michael Hardy, Looxix, Haakon, CatherineMunro, Yaronf, Cyan, Ehn,
Hashar, JidGom, Timwi, Ww, The Anomebot, Ed g2s, Raul654, Bcorr, Pakaran, Saqib (usurped), Robbot, Fredrik, Lowellian, PrimeFan,
Jleedev, Vacuum, Captain Segfault, Giftlite, Sin1man, Lunkwill, Qartis, Inkling, Stern, Leonard G., Plato, Rchandra, AlistairMcMillan,
Tweenk, Matt Crypto, Thecrypto, CryptoDerk, Peter Hendrickson, Piotrus, Two Bananas, Jklamo, TonyW, Frenchwhale, Flex, Blokhead,
Discospinster, Rich Farmbrough, Guanabot, ArnoldReinhold, Bender235, ZeroOne, Shanes, Dalf, Bobo192, Dreish, Phansen, Giraedata,
Dila, Davidgothberg, Wrs1864, Mark Bergsma, Nuno Tavares, Simetrical, OwenX, Armando, Fbriere, Brentdax, GregorB, FlaBot, Anrie Nord, Wabasso, Quentin X, RobotE, RussBot, ENeville, Vanished user 1029384756, DavidJablon, Abune, Phil Holmes, SmackBot,
Mmernex, Bigbluesh, Anastrophe, Pfa9, Kurykh, Thumperward, HughNo, Cophus, Michel SALES, Plustgarten, MichaelBillington,
A5b, Autopilot, MrDomino, Littleman TAMU, JoshuaZ, Boky, Aslaveofaudio, Momet, Courcelles, Dokaspar, WhiteAvenger, Jesse Viviano, Dub13, Cydebot, Grahamrichter, Gogo Dodo, Neustradamus, Thijs!bot, A3RO, Victor871129@hotmail.com, Electron9, Peashy,
AntiVandalBot, Widefox, TenguTech, JAnDbot, Jheiv, Magioladitis, KConWiki, Rfellows, Charliet, Grammrsnob, STBot, Nmichaels,
Uncle Dick, Maurice Carbonaro, Dispenser, Jerry Segers, Jr., Signalhead, Soliloquial, TXiKiBoT, Combatentropy, Liko81, Don4of4,
Duncan.Hull, Meuston, AlleborgoBot, SieBot, VVVBot, Djadams35, Hawk777, Garde, Tuntable, ImageRemovalBot, Travis.m.granvold,
MagnusPI, Jwpat7, Theking2, XLinkBot, Doru001, Dsimic, AkhtaBot, Torla42, Ozob, Lightbot, Wiso, Legobot, Rs-leo, Luckas-bot,
Yobot, AnomieBOT, TinucherianBot II, Louelle, Sashagolin, Kineticabstract, Almabot, GrouchoBot, Omnipaedista, 2ndjpeg, Samwb123,
Nageh, Itusg15q4user, Martinvl, Van Rijn, Yecheng Fu, RedBot, Montpelier Vermont, Vishayv, Mrogalski, Tim-J.Swan, Pythomit, Minimac, NerdyScienceDude, DdEe4Aai, EmausBot, Noloader, Moshahmed, ZroBot, Quondum, Qwertyshark, Orby1, EdoBot, Mikhail
Ryazanov, ClueBot NG, Dav-FL-IN-AZ-id, Doh5678, Dsperlich, Burningstarfour, Hammadhaleem, Compfreak7, Flugaal, Joey80nl, Electricmun11, Thom2729, Jmic0006, Eyesnore, Karol Babioch, OccultZone, Dodi 8238, Abitslow, FOXIBOX, Gareld Gareld, Luce71,
James Merrill and Anonymous: 204
9.2
Images
9.3
Content license