The other algorithm we talk about a lot as being both important and vulnerable to Shor's factoring algorithm is Diffie-Hellman key exchange, which is used for creating the session key we will use for bulk data encryption. It's important that every session have its own separate encryption key; we don't want multiple conversations sharing the same key, for a lot of obvious reasons.
D-H works as follows:
- Alice and Bob publicly agree on a modulus $p$ and a base $g$ (in cleartext is okay)
- Alice and Bob each pick a secret random number $a$ and $b$
- Alice calculates $A = g^a \bmod p$, Bob calculates $B = g^b \bmod p$
- Alice sends Bob $A$, Bob sends Alice $B$ (in cleartext is okay)
- Alice calculates $s = B^a \bmod p$, Bob calculates $s = A^b \bmod p$
Both Alice and Bob now have the same secret $s$, which they can use as an encryption key.
Note that, as-is, D-H is vulnerable to a man-in-the-middle attack, and so must be coupled with some form of authentication so that Alice and Bob each know that the other is who they say they are.
No comments:
Post a Comment