Information Security

⌘K
  2. Home
  4. Docs
  6. Information Security
  8. Symmetric and Asymmetric ...
  10. Diffie Hellman Protocol

Diffie Hellman Protocol

The Diffie-Hellman key exchange protocol is a cryptographic technique used to securely generate a shared secret between two parties over an insecure communication channel.

Thank you for reading this post, don't forget to subscribe!
  • This shared key can then be used for encrypted communication using symmetric encryption algorithms.
  • It was one of the first public-key protocols and was developed by Whitfield Diffie and Martin Hellman in 1976.
  • Unlike traditional encryption algorithms that exchange encrypted data, Diffie-Hellman enables two parties to establish a shared secret key that can be used for symmetric encryption—even if they have never met before.

Key Concepts of Diffie Hellman Protocol:

  • Public Parameters:
    • A large prime number p and a primitive root modulo p (called generator) g are chosen and made public.
  • Private Keys:
    • Each party selects a private key: a for Alice and b for Bob. These are kept secret.
  • Public Keys:
    • Alice computes A = g^a mod p and sends it to Bob.
    • Bob computes B = g^b mod p and sends it to Alice.
  • Shared Secret:
    • Alice computes the shared secret: K = B^a mod p.
    • Bob computes the shared secret: K = A^b mod p.
    • Both arrive at the same value because (g^b)^a mod p = (g^a)^b mod p.

How the Diffie-Hellman Protocol Works:

  • Agreement on Public Parameters:
    • Choose a prime number p and a primitive root g.
    • These values are public and can be known by everyone.
  • Private Key Selection:
    • Alice chooses a private key a (a secret number).
    • Bob chooses a private key b (another secret number).
  • Public Key Computation:
    • Alice computes her public key as A = g^a mod p.
    • Bob computes his public key as B = g^b mod p.
  • Exchange of Public Keys:
    • Alice sends A to Bob.
    • Bob sends B to Alice.
  • Computation of Shared Secret:
    • Alice computes K = B^a mod p.
    • Bob computes K = A^b mod p.
    • Both values of K are equal: K = g^(ab) mod p.

Security of Diffie-Hellman:

  • The protocol is secure because while g, p, A, and B are public, it is computationally infeasible to determine the private keys a or b or compute the shared key K from public information due to the Discrete Logarithm Problem.

Limitations:

  • Vulnerable to Man-in-the-Middle (MITM) Attacks unless combined with authentication methods like digital signatures.
  • It does not provide authentication—only secure key agreement.

Use Cases:

  • Used in protocols like SSL/TLS, SSH, and IPsec for secure key exchange.
  • Establishes session keys for secure communication channels.

How can we help?