#diffie-hellman

Day 65 - Diffie-Helman Key Exchange

There was an email in my inbox from Commercial Observer (a commercial real estate industry newsletter/magazine), including links to an article titled “SHED Pitches Itself as an Affordable Scaffolding Alternative to Urban Umbrella”. For those who don’t know, sidewalk scaffolding, or sidewalk sheds, are required under New York City Local Law 11, which mandates that building facade inspections and…

Cryptography – Symmetric & Asymmetric

Hey, don’t freak out about the name of this post Cryptography isn’t so scary. It’s all just Office 365 stuff. Basically, it’s a way to share information with people without anyone else being able to see it. Think of it like how your company talks to Microsoft using ADFS. So, cryptography is all about sending sensitive information over networks that aren’t secure, like the internet. It works by…

Communication between Alice and Bob:

Alice and Bob agree to use a modulus e.g. p = 23 and a base eg q = 5

Alice chooses a secret number e.g. a = 4 (and never communicates what this is), and sends to Bob:

X = q^a mod p

X = 5^4 mod 23

X = 4

Bob chooses his own secret number e.g. b = 3, then sends to Alice:

Y = q^b mod p

Y = 5^3 mod 23

Y = 10

Alice calculates:

s = Y^a mod 23

s = 10^4 mod 23 = 18

Bob calculates:

s = X^b mod 23

s = 4^3 mod 23 = 18

Alice and Bob now share the same secret of the number 18.

If these numbers were larger it would be very hard to go backwards and figure out the original numbers

The base is public but each person’s secret number on each side is unknown and difficult to find

Problems with Diffie-Hellman

The Diffie-Hellman method is another, more prevalent way of handling the prominent problem of cryptographic key sharing via an unsecured communication lines. It works like this:

Suppose 2 parties A and B want to communicate securely using some encryption protocol that requires a shared secret key. Each party will first agree one some values that will be known to one another and thus the public; these are the size of the modulo operator we’ll call P and the base we’ll call G. These aren’t just any 2 random numbers they must satisfy the properties:

P  and  G  must be prime

P should be large - the larger the more secure

G is a primitive root modulo of P

Then both parties each choose a secret integer which they NEVER share - we’ll call these a and b for A and B respectively. They do share these keys modified such that each party sends the other: G to the power of their key modulus P. So A sends B G^a%P which we’ll call Ai and B sends A G^b%P which we’ll call Bi - these are sent insecurely and anyone listening will know these numbers. You may think that this puts their secret keys at risk since each of these exchanged numbers involved each parties secret key, but that is not the case.

You can think of it like this:

modulo n takes any number and maps it to some point on a number line from 0 - n. n x 1 000 000 % n = 0 and n x 2 % n = 0 too; but between these 2 numbers there are also 999 998 other numbers which give the same result when taken mod n. In short this means that the modulo operator destroys A LOT of information, as it maps an infinite range of numbers to a fixed range of numbers. So given a number i from this fixed range, it is extremely computationally expensive to try and figure out which number e was modded in order to land on i.

Finally, B computes Ai^b and A computes Bi^a. Ai^b = Bi^a = s. Interestingly, and the main reason why this method of key-exchange works, the order of exponents does not matter. If you ignore the mods in the algorithm then you can see how this works: Ai^b = (g^a)^b = g^a.b Bi^a = (g^b)^a = g^b.a This happens because of the intrinsic nature of exponent and log laws and what it means to raise one number to another.

s is their shared secret key which they can now use to encrypt their data and communicate securely. I think the amazing thing here is that each party only needed to keep 1 secret each, a and b in our example, and all other information was exchanged publicly. From this they were able to generate a practically unbreakable key and use it to communicate securely.  I think that is extremely elegant!

Alice: Bae, come up with a cute, big, and fat generator (G) and modulus (M) such that G be primitive root modulo of M, i.e. MultiplicativeOrder[G, M] == M - 1. Send it to me. You got it, bae?

Bob: Yah. Now lemme send u my 16777216-bit public part and u send me urs as well.

Alice: k

Eve: Holy shit. Those lovers are secretly making out using a 16777216-bit key exchange.

Imagine Bob and Alice want to send secret messages to each other and Trudy is trying to read these messages. How can Bob and Alice keep Trudy from eavesdropping on their conversation? The answer is they use an encryption algorithm that has a key. You can picture this as the put the message in a box and use a lock (an encryption algorithm) that has a key. The Diffie-Hellman key exchange algorithm is a set of steps that allows Bob and Alice to both get a copy of the key without the risk of Trudy getting a copy.

The Diffie-Hellman key exchange algorithm is a very clever way to exchange an encryption key between 2 machines without the risk of revealing the key to a 3rd party that may be trying to eavesdrop. It uses mathematical properties that allow both Bob and Alice to generate the same key without ever sending the key, so even if Trudy got all the messages deciding what key to use, she would not be able to generate the key.

For some context as to why this is important, say Bob wants to encrypt his messages but needs Alice to be able to decrypt them. So he picks the key 27 and sends it to Alice so she can decrypt his messages. If Trudy is listening to for messages between Bob and Alice when bob sends the key, then Trudy can decrypt everything Bob sends and even pretend to be bob by using his key and sending messages to Alice. So imagine this same situation if you were communication with a bank or other service. Trudy could not only see everything you are doing, she could take your password (that you encrypted to prove to the bank your identity) and rob you blind! With Diffie-Hellman the key is never sent between Bob and Alice, it is generated separately by both Bob and Alice in a way that Trudy can’t replicate even if she is eavesdropping.

  How it Works:

I’ll walk you through the steps with Bob and Alice communicating while Trudy tries to eavesdrop. Bob and Alice start by agreeing upon 2 numbers P, a prime number, and G, the generator number.

Step 1:

In this example Bob and Alice decide P = 23, and G = 5.

Bob’s Info Alice’s Info Trudy’s Info P = 23 G = 5 P = 23 G = 5 P = 23 G = 5

Step 2:

Next Bob picks a random secret number Sbob, and Alice picks a random secret number Salice. Bob picks Sbob = 15, and Alice picks Salice = 6.

Bob’s Info Alice’s Info Trudy’s Info P = 23 G = 5 P = 23 G = 5 P = 23 G = 5 Sbob = 15 Salice = 6 Nothing

Step 3:

Bob and Alice both use their secret along with the function T = GS mod P then send them to each other. Bob generates Tbob = 515 mod 23 and finds TBob = 19, Bob then sends 19 to Alice. Alice does the same after finding Talice = 56 mod 23 = 2.

Bob’s Info Alice’s Info Trudy’s Info P = 23 G = 5 P = 23 G = 5 P = 23 G = 5 Sbob = 15 Salice = 6 Nothing Tbob = 19 Talice = 2 Talice = 2 Tbob = 19 Tbob = 19 Talice = 2

Step 4:

Bob and Alice now have all the information they need to generate the key they will use for encryption. They both use the function key = TS mod p. to get the key. Bob uses keybob = TaliceSbob mod P and gets keybob = 2. Alice uses keyalice = TbobSalice mod P and gets keyalice = 2.

Bob’s Info Alice’s Info Trudy’s Info P = 23 G = 5 P = 23 G = 5 P = 23 G = 5 Sbob = 15 Salice = 6 Nothing Tbob = 19 Talice = 2 Talice = 2 Tbob = 19 Tbob = 19 Talice = 2 Keybob = 2 Keyalice = 2 Nothing

Bob and Alice can now communicate using the key they generated and Trudy cannot generate the key without one of the secret integers that Bob or Alice picked, But since the secret numbers are never transmitted Trudy has no idea what they are. The only option would be for her to guess the key until she finds the right one, for this example this would happen very quickly but in practice this algorithm uses huge numbers. Numbers that would be very difficult to show an example with.

What makes this work:

This works because of how modulus and exponents work. Modulus makes sure you can’t simply find the secret value Bob or Alice used by working backwards. Use of exponents makes sure that both parties arrive at the same key.

Modulus:

Modulus if you don’t know is a mathematical operation that finds the remainder of a division. So, 5 mod 3 = 2 because the remainder of 5/3  is 2, 3 only goes into 5 once and the remaining value is 2. So in Diffie-Hellman if we had a P = 5 and calculate a T = 1 the secret could be 2 or 4 but there is now way to tell which. So if Trudy tried to generate the key she would not know what power to use on the T to get the key.

Exponents:

The main property of exponents used here is that (TSbob mod P)Salice is the same as (TSalice mod P)Sbob. Bob and Alice are essentially combining both their secrets numbers together without actually exchanging them.

Bringing it together:

The key remains a secret from Trudy because she needs either Bob’s or Alice’s secret number to generate the key. Trudy is unable to reverse engineer the secret number, and Bob and Alice apply their key to G before sending it to the other person to add their secret to G as well.