Friday, October 11, 2019

1.2 Key Generation

See the previous section here.

The other algorithm we talk about a lot as being both important and vulnerable to Shor's factoring algorithm is Diffie-Hellman key exchange, which is used for creating the session key we will use for bulk data encryption.  It's important that every session have its own separate encryption key; we don't want multiple conversations sharing the same key, for a lot of obvious reasons.

D-H works as follows:

  1. Alice and Bob publicly agree on a modulus $p$ and a base $g$ (in cleartext is okay)
  2. Alice and Bob each pick a secret random number $a$ and $b$
  3. Alice calculates $A = g^a \bmod p$, Bob calculates $B = g^b \bmod p$
  4. Alice sends Bob $A$, Bob sends Alice $B$ (in cleartext is okay)
  5. Alice calculates $s = B^a \bmod p$, Bob calculates $s = A^b \bmod p$

Both Alice and Bob now have the same secret $s$, which they can use as an encryption key.

Note that, as-is, D-H is vulnerable to a man-in-the-middle attack, and so must be coupled with some form of authentication so that Alice and Bob each know that the other is who they say they are.

No comments:

Post a Comment