Diffie-Hellman Key Agreement
- Diffie-Hellman key exchange is a protocol that allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel.
- This key can then be used to encrypt subsequent communications using a symmetric key.
- It should be difficult for the sender to solve the recipient's private key and for the recipient to solve the sender's private key.
- If it is easy for the sender to solve for recipient's private key (or vice versa), then an eavesdropper may:
- Substitute its own private / public key pair,
- Plug recipient's public key into its private key,
- Produce a fake shared secret key,
- Solve the recipient's private key,
- Use that to solve for the shared secret key.
- An eavesdropper may attempt to choose a public / private key pair that is easy for it to solve for recipient's private key.
How is Diffie-Hellman implemented?
© 2006 John Michael Pierobon
Notes