Beruflich Dokumente
Kultur Dokumente
Presented By:
Rashi Jain, Kamshin, Saloni, Divya
Review
Introduction
Algorithm
Example
Applications
IP Security
Advantages & Disadvantages
Conclusion
Introduction
Diffie-Hellman key exchange(D-H) is the first practical method
of securely exchanging cryptographic keys over an insecure
channel.
Originally conceptualized by Ralph Merkle and named
after Whitfield Diffie and Martin Hellman(1976).
The point is to agree on a key that two parties can use for a
symmetric encryption, in such a way that an eavesdropper cannot
obtain the key.
Diffie-Hellman key exchange
Allows two users to exchange a secret key,
Requires no prior secrets,
Real-time over an untrusted network.
Based on the difficulty of computing discrete logarithms of large
numbers.
No known successful attack strategies.
Requires two large numbers, one prime (P), and (G), a primitive
root of P.
Algorithm
It involves 5 steps:
Global Public Elements
User A(sender) Key Generation
User B(receiver) Key Generation
Generation of Secret Key by User A
Generation of Secret Key by User B
Global public elements
Assume prime number, q.
Select α such that α < q and α is primitive root of q.
(for any number p ,if we have number a number a such that power of a and
p generate all the numbers between l to p-1 then a is called primitive root of
p.)
To calculate the primitive root α we will use the table.
Advantages:
The sender and receiver have no prior knowledge of each other.
Communication can take place ove an insecure channel.
Sharing of secret key is safe.
Disadvantages:
Can’t use for asymmetric key exchange.
Can’t use for signing digital signature.
The nature of D-H key exchange does make it susceptible to
man in the middle attack since it doesn’t authenticate either
party involved in the exchange.
Conclusion
Authenticated Diffie-Hellman Key Agreement (1992)
Defeats middleperson attack
Diffie-Hellman POP Algorithm
Enhances IPSec layer
Diffie-Hellman continues to play large role in secure protocol
creation.
References
Wikkipedia
http://www.sans.org/reading_room/whitepapers/vpns/review-
diffie-hellman-algorithm-secure-internetprotocols_751
http://www.sans.org/rr/encryption/algorithm.php
Thank
You