Diffie-Hellman Key Exchange (Bootstrap Protocol)
- 2 principals want to agree on a key
- Situation:
- P is a large (at least 512 bits), publicly known prime number
- g is a publicly known value that is less than P
(g has other properties that are
not important for this discussion.)
- Strategy:
- Alice and Bob pick values, SA and SB respectively
- Alice calculates TA = (gSA mod P).
Bob calculates TB = (gSB mod P).
- Alice sends TA to Bob. Bob sends TB to Alice
- Alice and Bob can now calculate the key = (TB)SA =
(TA)SB = gSBSA mod p
- A wiretapper knows TA and TB, but still needs to invert
exponentiation in a finite field (hard operation) to discover the key.
General Framework
Public key cryptosystems use pairs of keys where 1 key in the pair is public and the other
is private (known only to the principal). A message for a particular principal can be
encrypted using that principal's public key and later decrypted with the principal's
private key. Alternatively, a message could be decrypted with a private key and later
encrypted with the corresponding public key to produce the original plaintext. Some public
key cryptography schemes allow both operations, while others permit only one of them.
Applications
Consider 2 principals, A and B
Secrecy Protocol: A sends B a message encrypted using B's public key.
Authentication Protocol: A sends B a random number encrypted with B's public key. B returns the number.
Since only B knows B's private key, this method of authentication has the property of
non-repudiation (identity proof could convince a 3rd party.)
A Cheaper Hybrid Approach
Public key cryptography is usually much slower than secret key cryptography. To reduce
the cost, public key cryptography is used to distribute a shared key (short message) and
the shared key is used to encrypt the message.