Diffie-Hellman key exchange


Eesti Infotehnoloogia Kolledž

Diffie-Hellman key exchange

Essay

Sandra Netšajeva

Tallinn 2009

Table of contents

Introduction
History
Diffie, Hellman and Merkle
Encrypting with Public Key
Overview of the Diffie-Hellman Algorithm
Algorithm
Protocol in action
Vulnerabilities
Usage of Diffie-Hellman
DHP - Diffie-Hellman problem
Digital Signature
Future of the Diffie-Hellman key-exchange
ECDH - Elliptic curve Diffie-Hellman
Conclusion
References

Introduction

Cryptography is a science with a history as old as human knowledge of writing. The earliest known use of cryptography is a carved ciphertext on stone in ancient Egypt (ca 1900 BCE) and a collection of bakery recipes from Mesopotamia. That means that there was always a necessity to hide important information, to make it readable only for a certain circle of people. The earliest forms of secret writing required little more than pen and paper, as most people could not read. The main classical cipher types were transposition ciphers, which rearranged the order of letters in a message, and substitution ciphers, which systematically replaced letters or groups of letters with other letters or groups of letters. But times passed and ciphers had to become more and more complex to satisfy a growing need to preserve data. The new cryptographic era began slightly after World War II - the strong incentive to invent new types of ciphers and cipher machines. The development of digital computers made possible much more secure ciphers. Furthermore, computers were able to encrypt any type of data represented in any binary format, unlike classical ciphers which only encrypted written language texts. Computer use has thus supplanted linguistic cryptography, both for cipher design and cryptanalysis.

But the usage of computers brought out new difficulties. The important part of encrypting and decrypting a cipher is knowing a key - a parameter that determines the functional output of a cipher. Without a key, the algorithm would have no result. A key specifies the transformation of plaintext into ciphertext, or vice versa during decryption. Now it was possible to create a secure cipher and send it to the recipient without a one-to-one meeting, without using an extra-safe channel. However, there still was no way to safely send the key - if it got into the eavesdropper's hands, data was easily decrypted.

The situation changed in the groundbreaking year 1976, when Whitfield Diffie and Martin Hellman published a paper where they proposed the notion of public-key cryptography, in which two different but mathematically related keys are used - a public key and a private key. A public key system is so constructed that calculation of one key (the 'private key') is computationally infeasible from the other (the 'public key'), even though they are necessarily related. Instead, both keys are generated secretly, as an interrelated pair.

Diffie and Hellman published the first public-key algorithm, known as the “Diffie-Hellman key exchange”, the same year, finally making exchange of the keys real and secure.

This work on Diffie-Hellman key exchange is a many-sided overview of the protocol, its history and mathematical explanation, including a survey of its vulnerabilities and security. I consider it important to explain what encrypting with a public key is, to make the way the Diffie-Hellman algorithm works more understandable. This paper also includes a brief explanation of the digital signature scheme as a related cryptographic model, whose invention was based on the Diffie-Hellman key exchange, and a possible future of the protocol.


History


Diffie, Hellman and Merkle

The first researchers to discover and publish the concepts of Public Key Cryptology were Whitfield Diffie and Martin Hellman from Stanford University, and Ralph Merkle from the University of California at Berkeley [illustration 1]. As so often happens in the scientific world, the two groups were working independently on the same problem -- Diffie and Hellman on public key cryptography and Merkle on public key distribution -- when they became aware of each other's work and realized there was synergy in their approaches. In Hellman's words: "We each had a key part of the puzzle and while it's true one of us first said X, and another of us first said Y, and so on, it was the combination and the back and forth between us that allowed the discovery."


The first published work on Public Key Cryptography was in a groundbreaking paper by Whitfield Diffie and Martin Hellman titled "New Directions in Cryptography" in the November, 1976 edition of IEEE Transactions on Information Theory, and which also referenced Merkle's work. The paper described the key concepts of Public Key Cryptography, including the production of digital signatures, and gave some example algorithms for implementation. This paper revolutionized the world of cryptography research, which had been somewhat restrained up to that point by real and perceived Government restrictions, and galvanized dozens of researchers around the world to work on practical implementations of a public key cryptography algorithm.

Illustration 1: Ralph Merkle, Martin Hellman, Whitfield Diffie (1977) (c) Chuck Painter/Stanford News Service

Diffie, Hellman, and Merkle later obtained patent number 4,200,770 on their method for secure
public key exchange.[12]


Encrypting with Public Key

Before it is possible to talk about the Diffie-Hellman algorithm, the meaning of the term “Public Key” should be explained.

The data transferred from one system to another over a public network can be protected by the method of encryption. During encryption the data is encrypted by a special algorithm using the ‘key’. Only those users who have access to the same ‘key’ can decrypt the encrypted data. This method is known as private key or symmetric key cryptography. There are several standard symmetric key algorithms defined. Examples are AES, 3DES and more. The defined symmetric algorithms are proven to be highly secure and time tested, but there still is one major difficulty - the key exchange. The communicating parties require a shared secret, the ‘key’, to be exchanged between them to have a secured communication. The security of the symmetric key algorithm depends on the secrecy of the key. Keys are typically hundreds of bits long, depending on the algorithm used. Since there may be a large number of intermediate points between the communicating parties through which the data passes, these keys can't be exchanged online in a secured manner. In a large network, where there are hundreds of systems connected, offline key exchange seems too difficult and sometimes even unrealistic. This is where public key cryptography comes to help. Using a public key algorithm a shared secret can be established online between communicating parties without exchanging any secret data.

In public key cryptography each user or device taking part in the communication has a pair of keys, a public key and a private key, and a set of operations associated with the keys - to produce the cryptographic operations. Only the particular user/device knows the private key whereas the public key is distributed to all users/devices taking part in the communication. Since knowledge of the public key does not compromise the security of the algorithms, it can be easily exchanged online without danger of losing any important data.

A shared secret can be established between two communicating parties online by exchanging only public keys and public constants, if any. Any third party who has access to the exchanged public information will not be able to calculate the shared secret unless it has access to the private key of any of the communicating parties.

In public key cryptography, keys and messages are expressed numerically and the operations are expressed mathematically. The private and public keys of a device are related by a mathematical function called the one-way function. One-way functions are mathematical functions in which the forward operation can be done easily but the reverse operation is so difficult that it is practically impossible. In public key cryptography the public key is calculated from the private key using the forward operation of the one-way function. Obtaining the private key from the public key is the reverse operation. If the reverse operation can be done easily, that is if the private key is obtained from the public key and other public data, then the public key algorithm for the particular key is cracked. The reverse operation gets more difficult as the key size increases. The public key algorithms operate on sufficiently large numbers to make the reverse operation practically impossible and thus make the system secure. [4]

There are two ways of encrypting using a public key: the distinguishing technique used in public key cryptography is the use of asymmetric key algorithms, where the key used to encrypt a message is not the same as the key used to decrypt it. Each user has a pair of cryptographic keys - a public key and a private key. The private key is kept secret, whilst the public key may be widely distributed. Messages are encrypted with the recipient's public key and can only be decrypted with the corresponding private key. The keys are related mathematically, but the private key cannot be feasibly (i.e., in actual or projected practice) derived from the public key. It was the discovery of such algorithms which revolutionized the practice of cryptography beginning in the middle 1970s.

In contrast, symmetric-key algorithms, variations of which have been used for some thousands of years, use a single secret key shared by sender and receiver (which must also be kept private, thus accounting for the ambiguity of the common terminology) for both encryption and decryption. To use a symmetric encryption scheme, the sender and receiver must securely share a key in advance.[5] Symmetric-key algorithms are generally much less computationally intensive than asymmetric key algorithms. In practice, asymmetric key algorithms are typically hundreds to thousands of times slower than symmetric key algorithms.


Overview of the Diffie-Hellman Algorithm

Diffie-Hellman key exchange (D-H) is a cryptographic protocol that allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt subsequent communications using a symmetric key cipher.

Synonyms of Diffie-Hellman key exchange include [8]:

- Diffie-Hellman key agreement
- Diffie-Hellman key establishment
- Diffie-Hellman key negotiation
- Exponential key exchange
- Diffie-Hellman protocol


The Diffie-Hellman key agreement was invented in 1976 during a collaboration between Whitfield Diffie and Martin Hellman and was the first practical method for establishing a shared secret over an unprotected communications channel. Ralph Merkle's work on public key distribution was an influence.

The method was followed shortly afterwards by RSA, another implementation of public key cryptography using asymmetric algorithms.

In 2002, Martin Hellman wrote:

The system...has since become known as Diffie-Hellman key exchange. While that system was first described in a paper by Diffie and me, it is a public key distribution system, a concept developed by Merkle, and hence should be called 'Diffie-Hellman-Merkle key exchange' if names are to be associated with it. I hope this small pulpit might help in that endeavor to recognize Merkle's equal contribution to the invention of public key cryptography.[10]

US Patent 4,200,770, now expired, describes the algorithm and credits Hellman, Diffie, and Merkle as inventors.[8]


Algorithm


Protocol in action

Diffie-Hellman is not an encryption mechanism as we normally think of them in that we do not typically use it to encrypt data. Instead, it is a protocol to securely exchange the keys that encrypt data. Diffie-Hellman accomplishes this secure exchange by creating a “shared secret” (sometimes called a “Key Encryption Key” or KEK) between two devices. The shared secret then encrypts the symmetric key for secure transmittal. The symmetric key is sometimes called a Traffic Encryption Key (TEK) or Data Encryption Key (DEK). Therefore, the KEK provides for secure delivery of the TEK, while the TEK provides for secure delivery of the data itself. [9]

The protocol has two system parameters, p and g. They are both public and may be used by all the users in a system. Parameter p is a prime number and parameter g (usually called a generator) is an integer less than p, with the following property: for every number n between 1 and p-1 inclusive, there is a power k of g such that n = g^k mod p. [6]

To make the description simpler we shall imagine two people - Alice and Bob [7] - who want to securely exchange data.

Suppose Alice and Bob want to agree on a shared secret key using the Diffie-Hellman key agreement protocol. They proceed as follows: Alice and Bob agree on a finite cyclic group G and a generating element g in G. (This is usually done long before the rest of the protocol; g is assumed to be known by all attackers). First, Alice generates a random private value a and Bob generates a random private value b. Both a and b are drawn from the set of integers . Then they derive their public values using parameters p and g and their private values. Alice's public value is g^a mod p and Bob's public value is g^b mod p. They then exchange their public values. Finally, Alice computes g^(ab) = (g^b)^a mod p, and Bob computes g^(ba) = (g^a)^b mod p. Since g^(ab) = g^(ba) = k, Alice and Bob now have a shared secret key k. [6] The important point is that the two values generated are identical. They are the “Shared Secret” that can encrypt information between systems [illustration 2].


Here is an example of the protocol, with non-secret values in green, and secret values in boldface red:

1. Alice and Bob agree to use a prime number p = 23 and base g = 5.

2. Alice chooses a secret integer a = 6, then sends Bob A = g^a mod p
   - A = 5^6 mod 23 = 8.

3. Bob chooses a secret integer b = 15, then sends Alice B = g^b mod p
   - B = 5^15 mod 23 = 19.

4. Alice computes s = B^a mod p
   - 19^6 mod 23 = 2.

5. Bob computes s = A^b mod p
   - 8^15 mod 23 = 2. [8]

At this point, the Diffie-Hellman operation could be considered complete. The shared secret is a cryptographic key that could encrypt traffic. That is very rare however because the shared secret is an asymmetric key. As with all asymmetric key systems, it is inherently slow. If the two sides are passing very little traffic, the shared secret may encrypt actual data. Any attempt at bulk traffic encryption requires a symmetric key system such as DES, Triple DES, or Advanced Encryption Standard (AES), etc. In most real applications of the Diffie-Hellman protocol (SSL, TLS, SSH, and IPSec in particular), the shared secret encrypts a symmetric key for one of the symmetric algorithms, transmits it securely, and the distant end decrypts it with the shared secret. Because the symmetric key is a relatively short value (256 bits for example) as compared to bulk data, the shared secret can encrypt and decrypt it very quickly.

Which side of the communication actually generates and transmits the symmetric key varies. However, it is most common for the initiator of the communication to be the one that transmits the key. [9]

Illustration 2: Diffie-Hellman key exchange

Once secure exchange of the symmetric key is complete, data encryption and secure communication can occur. Changing the symmetric key for increased security is simple at this point. The longer a symmetric key is in use, the easier it is to perform a successful cryptanalytic attack against it. Therefore, changing keys frequently is important. Both sides of the communication still have the shared secret and it can be used to encrypt future keys at any time and any frequency desired. In some IPSec implementations for example, it is not uncommon for a new symmetric Data Encryption Key to be generated and shared every 60 seconds. [9]

The protocol depends on the discrete logarithm problem for its security. It assumes that it is computationally infeasible to calculate the shared secret key k = g^(ab) mod p given the two public values g^a mod p and g^b mod p when the prime p is sufficiently large. It is stated that breaking the Diffie-Hellman protocol is equivalent to computing discrete logarithms under certain assumptions.[6]
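
The numbered example and the "sufficiently large p" condition above, worked through in code. This is an added illustration, not part of the essay; the function names are hypothetical and the parameters are the essay's toy values, which is exactly why the exhaustive search at the end succeeds.

```python
# Added illustration (not from the essay): toy Diffie-Hellman with the
# essay's numbers p = 23, g = 5, a = 6, b = 15. Function names are
# hypothetical; the point is what changes when p is tiny versus large.


def is_generator(g, p):
    """Check the essay's generator property: every n in 1..p-1 equals
    g^k mod p for some k. Only practical for a tiny prime p."""
    seen, x = set(), 1
    for _ in range(p - 1):
        x = (x * g) % p
        seen.add(x)
    return len(seen) == p - 1


def public_value(g, private, p):
    """g^private mod p, the value sent over the open channel."""
    return pow(g, private, p)


def shared_secret(peer_public, private, p):
    """(peer_public)^private mod p, computed locally by each side."""
    return pow(peer_public, private, p)


def discrete_log_by_search(g, public, p):
    """Find k with g^k mod p == public by trying every exponent.
    The loop runs up to p-1 times, so its cost grows with p itself."""
    x = 1
    for k in range(1, p):
        x = (x * g) % p
        if x == public:
            return k
    return None


def run_essay_example():
    """Steps 1-5 of the essay's example; returns (A, B, s_alice, s_bob)."""
    p, g, a, b = 23, 5, 6, 15
    A = public_value(g, a, p)          # Alice -> Bob
    B = public_value(g, b, p)          # Bob -> Alice
    return A, B, shared_secret(B, a, p), shared_secret(A, b, p)


def passive_observer_secret(p, g, A, B):
    """What someone who only sees p, g, A and B can compute when p is small."""
    a = discrete_log_by_search(g, A, p)
    return shared_secret(B, a, p)


if __name__ == "__main__":
    A, B, s_alice, s_bob = run_essay_example()
    print("A =", A, "B =", B, "shared:", s_alice, s_bob)
    print("g = 5 reaches every value in 1..22:", is_generator(5, 23))
    print("g = 2 reaches every value in 1..22:", is_generator(2, 23))
    print("secret computed from public values only:",
          passive_observer_secret(23, 5, A, B))
```

With p = 23 the search needs at most 22 multiplications; the protocol's security rests on choosing p so large that no such search is feasible.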


Vulnerabilities

The Diffie-Hellman key exchange is vulnerable to a man-in-the-middle attack (MIM). In this attack, an opponent Carol intercepts Alice's public value and sends her own public value to Bob. When Bob transmits his public value, Carol substitutes it with her own and sends it to Alice. Carol and Alice thus agree on one shared key and Carol and Bob agree on another shared key. After this exchange, Carol simply decrypts any messages sent out by Alice or Bob, and then reads and possibly modifies them before re-encrypting with the appropriate key and transmitting them to the other party. This vulnerability is present because Diffie-Hellman key exchange does not authenticate the participants. Possible solutions include the use of digital signatures and other protocol variants. [6]

It should be difficult for Alice to solve for Bob's private key or for Bob to solve for Alice's private key. If it isn't difficult for Alice to solve for Bob's private key (or vice versa), Carol may simply substitute her own private / public key pair, use Bob's public key with her private key, produce a fake shared secret key, and solve for Bob's private key (and use that to solve for the shared secret).[8]

The authenticated Diffie-Hellman key agreement protocol, or Station-to-Station (STS) protocol, was developed by Diffie, van Oorschot, and Wiener in 1992 to defeat the man-in-the-middle attack on the Diffie-Hellman key agreement protocol. The immunity is achieved by allowing the two parties to authenticate themselves to each other by the use of digital signatures and public-key certificates.

Roughly speaking, the basic idea is as follows. Prior to execution of the protocol, the two parties Alice and Bob each obtain a public/private key pair and a certificate for the public key. During the protocol, Alice computes a signature on certain messages, covering the public value g^a mod p. Bob proceeds in a similar way. Even though Carol is still able to intercept messages between Alice and Bob, she cannot forge signatures without Alice's private key and Bob's private key. Hence, the enhanced protocol defeats the man-in-the-middle attack.[6]
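
The substitution described in this section and the signature check that stops it, simulated in memory. This is an added illustration, not the essay's code and not the STS protocol itself: the names are hypothetical, p = 23 and g = 5 are the essay's toy parameters, Carol's private value 13 is constructed, and textbook RSA over two known Mersenne primes stands in for a certified signature key.

```python
import hashlib

# Added illustration (not from the essay). P and G are the essay's toy
# parameters. The RSA key is a teaching stand-in for "a signature key with a
# certificate"; textbook RSA like this is not a secure signature scheme.
P, G = 23, 5


def make_toy_signing_key():
    """Textbook RSA over two known Mersenne primes (constructed for this demo)."""
    p, q = 2**61 - 1, 2**89 - 1
    n, e = p * q, 65537
    d = pow(e, -1, (p - 1) * (q - 1))
    return (n, e), (n, d)              # (public key, private key)


def _digest(message, n):
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(private_key, message):
    n, d = private_key
    return pow(_digest(message, n), d, n)


def verify(public_key, message, signature):
    n, e = public_key
    return pow(signature, e, n) == _digest(message, n)


def encode(sender, dh_public):
    """Bytes that get signed: who is speaking and which public value they sent.
    (STS proper signs both parties' public values to bind the session.)"""
    return f"{sender}|{dh_public}".encode()


def unauthenticated_exchange(a, b, c):
    """Plain exchange where Carol (private value c) replaces both public values."""
    A, B, C = pow(G, a, P), pow(G, b, P), pow(G, c, P)
    return {
        "alice": pow(C, a, P),             # Alice believes C came from Bob
        "bob": pow(C, b, P),               # Bob believes C came from Alice
        "carol_with_alice": pow(A, c, P),
        "carol_with_bob": pow(B, c, P),
    }


def accept_public_value(sender, dh_public, signature, trusted_key):
    """Receiver side: use the value only if the signature verifies."""
    if not verify(trusted_key, encode(sender, dh_public), signature):
        raise ValueError(f"signature check failed for value claimed from {sender}")
    return dh_public


def authenticated_exchange(a, c, alice_pub, alice_priv, tamper):
    """Alice signs her public value; Bob checks it against her trusted key.
    With tamper=True the value is replaced in transit and the signature is not.
    Returns the accepted value, or None if Bob rejects the message."""
    A = pow(G, a, P)
    signature = sign(alice_priv, encode("alice", A))
    on_the_wire = pow(G, c, P) if tamper else A
    try:
        return accept_public_value("alice", on_the_wire, signature, alice_pub)
    except ValueError:
        return None


if __name__ == "__main__":
    print(unauthenticated_exchange(a=6, b=15, c=13))
    pub, priv = make_toy_signing_key()
    print("untampered:", authenticated_exchange(6, 13, pub, priv, tamper=False))
    print("tampered:  ", authenticated_exchange(6, 13, pub, priv, tamper=True))
```

In the unauthenticated run Alice and Bob end up with different keys, each shared with Carol, and neither side has any signal that this happened; in the signed run the replaced value is rejected before any key is derived.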


Usage of Diffie-Hellman

Unlike RSA and DSS, Diffie-Hellman is used in interactive transactions, rather than a batch transfer from a sender to a receiver.

Diffie-Hellman is commonly used when you encrypt data on the Web using either SSL or TLS and in VPN (Secure Socket Layer, Transport Layer Security and Virtual Private Networks respectively). [9][1]


DHP - Diffie-Hellman problem

The Diffie-Hellman problem is a gold mine for cryptographic purposes and is more and more studied. This problem is closely related to the difficulty of computing the discrete logarithm problem over a cyclic group. It was first proposed by Whitfield Diffie and Martin Hellman. The DHP is a problem that is believed to be difficult to solve, hence the security of many cryptographic protocols reduces to the DHP[2][3]. If someone were to discover an easy solution to the DHP, it would cast serious doubt on the security of these cryptographic protocols, and in fact many protocols would be easily broken. Understanding the difficulty of the DHP is a very important concept in modern cryptography.

It is widely conjectured that Diffie-Hellman can be broken using a code-breaking quantum computer at approximately the same speed as Diffie-Hellman can be run on a classical computer using an integer factorization algorithm. For example, data encrypted using Diffie-Hellman-2048 recorded today may be rapidly decrypted by a party with a code-breaking quantum computer at a later time.[13]




Digital Signature

In the original description, the Diffie-Hellman exchange by itself does not provide authentication of the communicating parties, so a method to authenticate the communicating parties to each other is generally needed to prevent most common attacks.

A variety of cryptographic authentication solutions incorporate a Diffie-Hellman exchange. When Alice and Bob have a public key infrastructure, they may digitally sign the agreed key. When Alice and Bob share a password, they may use a password-authenticated key agreement form of Diffie-Hellman, such as the one described in ITU-T Recommendation X.1035, which is used by the G.hn home networking standard. This mathematical scheme for demonstrating the authenticity of a digital message or document is called a digital signature or digital signature scheme. It was first described by Whitfield Diffie and Martin Hellman in 1976 along with the Diffie-Hellman protocol, although they only conjectured that such schemes existed. Soon afterwards, Ronald Rivest, Adi Shamir, and Len Adleman invented the RSA algorithm that could be used for primitive digital signatures. (Note that this just serves as a proof-of-concept, and "plain" RSA signatures are not secure.) The first widely marketed software package to offer digital signature was Lotus Notes 1.0, released in 1989, which used the RSA algorithm.[11]

Business runs on signatures, and until electronic communications can provide an equivalent of the written signature, it cannot fully replace the physical transportation of documents, letters, contracts, etc.

Current digital authenticators are letter or number sequences that are appended to the end of a message as a crude form of signature. By encrypting the message and authenticator with a conventional cryptographic system, the authenticator can be hidden from prying eyes. It therefore prevents third-party forgeries. But because the authentication information is shared by the sender and receiver, it cannot settle disputes as to what message, if any, was sent. The receiver can give the authentication information to a friend and ask him to send a signed message of the receiver’s choosing. The legitimate sender of messages will of course deny having sent this message, but there is no way to tell whether the sender or receiver is lying. The whole concept of a contract is embedded in the possibility of such disputes, so stronger protection is needed.

A true digital signature must be a number (so it can be sent in electronic form) that is easily recognized by the receiver as validating the particular message received, but which could only have been generated by the sender. It may seem impossible for the receiver to be able to recognize a number that he cannot generate, but such is not the case. [10]

The disadvantage of digital signatures is that the ability to sign is equivalent to possession of a
secret key. This key will probably be stored on a magnetic card which, unlike the ability to sign
one’s name, can be stolen.



Future of the Diffie-Hellman key-exchange

The cryptographic security standards used in public-key infrastructures, RSA and Diffie-Hellman, were introduced in the 1970s. And although they haven't been cracked, their time could be running out. That's one reason the National Security Agency wants to move to elliptic-curve cryptography (ECC) for cybersecurity. ECC, a complex mathematical algorithm used to secure data in transit, may replace Diffie-Hellman because it can provide much greater security at a smaller key size. ECC takes less computational time and can be used to secure information on smaller machines, including cell phones, smart cards and wireless devices.

Although Diffie-Hellman is a public-key algorithm, experts say it doesn't scale well for the future. At this point it is stated that Diffie-Hellman keys shorter than 900 bits are not secure enough. To make Diffie-Hellman keys, which now can go to 1,024 bits, secure for the next 10 to 20 years, organizations would have to expand to key lengths of at least 2,048 bits, according to Stephen Kent, chief scientist at BBN Technologies. Eventually, key sizes would need to expand to 4,096 bits. Scientists from the NIST's security technology group assume that it is highly possible that Diffie-Hellman will be broken within a decade or so. [14]


ECDH - Elliptic curve Diffie-Hellman

ECDH is a relatively new key agreement algorithm based on Diffie-Hellman but using elliptic-curve cryptography. Elliptic-curve cryptography operates on smaller key sizes. A 160-bit key in ECC is considered to be as secure as a 1024-bit key in Diffie-Hellman.

For generating a shared secret between A and B using ECDH, both have to agree upon Elliptic Curve domain parameters - certain public constants that are shared between parties involved in secured and trusted ECC communication. This includes the curve parameters a, b, a generator point G in the chosen curve, the modulus p, the order of the curve n and the cofactor h. There are several standard domain parameters defined by SEC, Standards for Efficient Cryptography [4].

For establishing a shared secret between two devices A and B:

1. Let d_A and d_B be the private keys of devices A and B respectively. Private keys are random numbers less than n, where n is a domain parameter.

2. Let Q_A = d_A*G and Q_B = d_B*G be the public keys of devices A and B respectively. G is a domain parameter.

3. A and B exchange their public keys.

4. The end A computes K = (x_K, y_K) = d_A*Q_B

5. The end B computes L = (x_L, y_L) = d_B*Q_A

6. Since K = L, the shared secret is chosen as x_K

To prove that the agreed shared secrets K and L at both devices A and B are the same:

From 2, 4 and 5

K = d_A*Q_B = d_A*(d_B*G) = (d_B*d_A)*G = d_B*(d_A*G) = d_B*Q_A = L

Hence K = L, therefore x_K = x_L

Since it is practically impossible to find the private key d_A or d_B from the public key Q_A or Q_B, it is not possible for a third party to obtain the shared secret. [4]

The protocol is secure because nothing is disclosed (except for the public keys, which are not secret), and no party can derive the private key of the other unless it can solve the Elliptic Curve Discrete Logarithm Problem.

The public keys are either static (and trusted, say via a certificate) or ephemeral. Ephemeral keys are not necessarily authenticated, so if authentication is wanted, it has to be obtained by other means. Static public keys provide neither forward secrecy nor key-compromise impersonation resilience, among other advanced security properties. Holders of static private keys should validate the other public key, and should apply a secure key derivation function to the raw Diffie-Hellman shared secret to avoid leaking information about the static private key.[15]
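
The six ECDH steps above, together with the advice to validate the peer's public key and pass the raw shared secret through a key derivation function, as an added example that is not part of the essay. The curve y^2 = x^3 + 2x + 2 over F_17 with G = (5, 1), n = 19, h = 1 is a textbook-sized stand-in for real SEC domain parameters; the private keys 3 and 7, the function names and the single-block HKDF-SHA256 are assumptions of this example.

```python
import hashlib
import hmac

# Added illustration (not from the essay). Toy domain parameters:
# curve y^2 = x^3 + 2x + 2 over F_17, generator G = (5, 1), order n = 19,
# cofactor h = 1. Real deployments use standardised curves of 256 bits or more.
FIELD_P, CURVE_A, CURVE_B = 17, 2, 2
G, N = (5, 1), 19
INFINITY = None                      # the group's identity element


def on_curve(point):
    if point is INFINITY:
        return True
    x, y = point
    return (y * y - (x * x * x + CURVE_A * x + CURVE_B)) % FIELD_P == 0


def add(p1, p2):
    """Group law on the curve (affine coordinates)."""
    if p1 is INFINITY:
        return p2
    if p2 is INFINITY:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % FIELD_P == 0:
        return INFINITY              # p2 is the negative of p1
    if p1 == p2:
        slope = (3 * x1 * x1 + CURVE_A) * pow((2 * y1) % FIELD_P, -1, FIELD_P)
    else:
        slope = (y2 - y1) * pow((x2 - x1) % FIELD_P, -1, FIELD_P)
    x3 = (slope * slope - x1 - x2) % FIELD_P
    y3 = (slope * (x1 - x3) - y1) % FIELD_P
    return (x3, y3)


def multiply(k, point):
    """Double-and-add computation of k*point (not constant time)."""
    result = INFINITY
    while k > 0:
        if k & 1:
            result = add(result, point)
        point = add(point, point)
        k >>= 1
    return result


def validate_public_key(q):
    """Checks a receiver runs before using a peer's public key."""
    if q is INFINITY:
        raise ValueError("public key is the point at infinity")
    x, y = q
    if not (0 <= x < FIELD_P and 0 <= y < FIELD_P):
        raise ValueError("coordinates out of range")
    if not on_curve(q):
        raise ValueError("point is not on the agreed curve")
    if multiply(N, q) is not INFINITY:
        raise ValueError("point is not in the subgroup generated by G")
    return q


def derive_key(shared_x, info=b"ecdh-demo"):
    """Single-block HKDF-SHA256 (RFC 5869) over the raw shared x-coordinate."""
    ikm = shared_x.to_bytes(32, "big")
    prk = hmac.new(b"\x00" * 32, ikm, hashlib.sha256).digest()
    return hmac.new(prk, info + b"\x01", hashlib.sha256).digest()


def ecdh(private_key, peer_public):
    """Steps 4-6: validate the peer key, compute d*Q, derive a key from x."""
    shared_point = multiply(private_key, validate_public_key(peer_public))
    return shared_point, derive_key(shared_point[0])


if __name__ == "__main__":
    d_a, d_b = 3, 7                              # constructed private keys
    q_a, q_b = multiply(d_a, G), multiply(d_b, G)
    k_point, k_key = ecdh(d_a, q_b)
    l_point, l_key = ecdh(d_b, q_a)
    print("Q_A =", q_a, "Q_B =", q_b)
    print("K =", k_point, "L =", l_point, "keys equal:", k_key == l_key)
```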

Elliptic curve Diffie-Hellman can possibly become one of the most used algorithms in the near future, providing us all needed encryption security for at least the next ten years.


Conclusion

In conclusion, it would seem logical to once again emphasize the importance of Diffie-Hellman key exchange in modern cryptography. This was a big breakthrough in the science of data safety, which moved encryption security further than it was possible to imagine. Now two parties were able to exchange encrypted data without giving an eavesdropper a chance. A new branch of cryptography was created - named public key cryptography. Instead of one key it uses two - a public key and a private key: one is used to encrypt and the other to decrypt, one is known to everyone, the other is kept secret. The Diffie-Hellman protocol allows two parties to create a shared secret using a mathematical function, but it is impossible for an eavesdropper to calculate it because of the hardness of calculating a discrete logarithm. But it is necessary to periodically increase the size of the key because of the evolution of machines and the constant growth of computing power - once it was possible to use 512-bit keys, but now they are considered insecure. In the year 2009 1024-bit Diffie-Hellman keys are used, but it is highly possible that in a few years we will have to move to longer keys.

There are a lot of programs that use Diffie-Hellman and different methods that are based on it. For example, a digital signature works like a reversed Diffie-Hellman algorithm - you encrypt your data with a private key and others may examine its authenticity using a public key. Diffie-Hellman key exchange is a rare phenomenon in the history of computers. It was created more than 30 years ago but is still widely used with just minor improvements. This is really a solid term.

While writing this work my view on cryptography has changed. I see it as a much more complex and interesting field, understand different methods and acknowledge different problems. I used several sources to put the body of this paper together. My interest in Diffie-Hellman was born during the Data Security and Cryptology lectures in college; I got my first information on this subject from my teacher Valdo Praust. I visited the homepage of Diffie-Hellman (1) and read multiple articles (4, 6, 12) - they all gave a slightly different view on the topic. I questioned using Wikipedia as a source, because it presented already reviewed information. But the dates when the Wikipedia articles were last rewritten decided it - they were all made in the last two months and I considered using fresh information really important. I also studied a few surveys on different Diffie-Hellman subjects (2, 10), which were created in the early 2000s. This gave me a good example of which sides of this topic are still important and haven't changed through the years.

Indisputably, Diffie-Hellman key exchange has a very important place in modern cryptography, and even when the science moves on it is still needed and used.


References

1. Diffie Hellman Encryption Algorithm (2009). Diffie Hellman Encryption Overview. [http://www.diffiehellman.com/overview.html]

2. Feng Bao, Robert Deng, Huafei Zhu (2002). Variations of Diffie-Hellman Problem. [http://icsd.i2r.a-star.edu.sg/publications/Baofeng_2003_Variations%20of%20Diffie%20Hellman%20problems.pdf]

3. Wikipedia (2009, October 23). Diffie-Hellman problem. [http://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_problem]

4. Anoop M.S. (2009, November 15). Public Key Cryptography - Applications Algorithms and Mathematical Explanations. [http://www.dkrypt.com/home/pkcs]

5. Wikipedia (2009, November 12). Public-Key Cryptography. [http://en.wikipedia.org/wiki/Public-key_cryptography]

6. RSA Laboratories (2009). What is Diffie-Hellman? [http://www.rsa.com/rsalabs/node.asp?id=2248#]

7. Wikipedia (2009, November 12). Alice and Bob. [http://en.wikipedia.org/wiki/Alice_and_Bob]

8. Wikipedia (2009, November 15). Diffie-Hellman key exchange. [http://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange]

9. Keith Palmgren, CISSP (2006, August). Diffie-Hellman Key Exchange - A Non-Mathematician’s Explanation. [http://www.netip.com/articles/keith/diffie-helman.htm]

10. Hellman M. (2002, May). An Overview of Public Key Cryptology. [http://www.comsoc.org/livepubs/ci1/public/anniv/pdfs/hellman.pdf]

11. Wikipedia (2009, November 18). Digital signature. [http://en.wikipedia.org/wiki/Digital_signature#cite_note-lysythesis-5]

12. Stewards B. Living Internet: Public Key Cryptography (PKC) History. [http://www.livinginternet.com/i/is_crypt_pkc_inv.htm#diffie]

13. Synaptic Laboratories Ltd (2009, January 4). Bibliography: Diffie-Hellman-Merkle (D&H). [http://synaptic-labs.com/resources/security-bibliography/53-asymmetric-key-exchanges-classical/149-bib-diffie-hellman-merkle-dah.html]

14. Hickey, K. Government computer news (2007, Aug 03). Encrypting the future. [http://www.gcn.com/Articles/2007/08/03/Encrypting-the-future.aspx?Page=1]

15. Wikipedia (2009, October 23). Elliptic curve Diffie-Hellman. [http://en.wikipedia.org/wiki/Elliptic_curve_Diffie–Hellman]