cryptography-diffie-hellman-key-exchange.html


* created: 2025-11-30T21:36
* modified: 2025-11-30T21:58

title

Diffie Hellman Key Exchange

description

Describes a procedure by which two parties establish a shared secret over a public channel without revealing their private values.

Diffie-Hellman key exchange

Setup

  1. Agree on a large prime number p.
  2. Find a generator g of \mathbb{Z}^{*}_{p}.
  3. Optional: Agree on a secure k-bit hash function.

Key-Exchange

  1. Alice generates a random local secret a\in \mathbb{Z}^{*}_{p}.
  2. Alice calculates a public parameter A=g^a \mod p and sends it via the public channel.
  3. Bob generates a random local secret b\in \mathbb{Z}^{*}_{p}.
  4. Bob calculates a public parameter B=g^b \mod p and sends it via the public channel.
  5. Alice calculates a shared secret K_a = B^a \mod p.
  6. Bob calculates a shared secret K_b = A^b \mod p.
  7. Optional: Alice calculates a symmetric key K = H(K_a).
  8. Optional: Bob calculates a symmetric key K = H(K_b).

Note: K_b \equiv A^b \equiv (g^a)^b \equiv g^{ab} \equiv g^{ba} \equiv (g^b)^a \equiv B^a \equiv K_a

Secure prime numbers

Let q be a prime number. A prime p is considered a secure prime number (also called a safe prime) if p = 2q + 1.

Discrete Logarithm

Let p be a prime number and g a generator of Z^*_p. Then for every A\in Z^*_p there exists exactly one exponent a\in Z^*_p with A = g^a \mod p.

This exponent a is called the Discrete Logarithm (DL) of A to the base g: a = \log_{g} A

Man in the middle attack

TODO: An attacker acts as an intermediary when the public parameters are exchanged, so that each party unknowingly shares a key with the attacker rather than with the other party. Prevented through the use of certificates and cryptographic signing of the exchanged public parameters.