Diffie-Hellman was first proposed in 1976 by Whitfield Diffie and Martin Hellman. Diffie-Hellman is a key exchange protocol and is not used for encryption. Therefore, it is called Diffie-Hellman Key Exchange (DHKE) or the Key Exchange operation. DHKE is widely used in many protocols such as Secure Shell (SSH), Transport Layer Security (TLS) and Internet Protocol Security (IPsec).
Note: ElGamal or AES operations can be used for encryption on top of the DHKE.
Q – Why do we need to exchange the key securely?
Previously, I explained the theory behind exchanging the key between Alice and Bob in Symmetric Cryptography. The symmetric mechanism has an open question in it: how do Alice and Bob agree on and exchange the key? If they have a secure channel, for example meeting physically or using an unbreakable pipe, then it is easy. However, what if there is no secure channel?
If Alice randomly generates a key and sends it to Bob, Oscar might be tapping the communication line to learn the key. The way to securely exchange the key between Alice and Bob is via the DHKE.
There are three main steps to achieve Diffie-Hellman Key Exchange:
- Alice and Bob generate their own keys (A and B respectively), which they keep strictly to themselves. They also need to know a transformation function of a key, which is easy to compute but difficult to invert, denoted T(·).
- Alice and Bob transform and exchange their (transformed) keys. Then every party knows its own key and the transformed version of the other key.
- Alice mixes her key (A) with Bob’s T(B): K = M(A, T(B)); meanwhile, Bob does the same: K = M(B, T(A)).
The goal of the DHKE is for both parties to compute the same number K (the key), while nobody else is able to do so.
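The three steps above with the classic instantiation, T(x) = g^x mod p and M(a, T(b)) = T(b)^a mod p, written as an added example that is not part of the original post. The prime, generator and function names are assumptions chosen for illustration; the group is a constructed toy and far too small for real use.

```python
import hashlib
import secrets

# Constructed toy group (assumption, illustration only): P is the Mersenne
# prime 2^127 - 1. Deployed protocols use standardized groups of 2048+ bits.
P = 2**127 - 1
G = 3

def generate_private_key() -> int:
    """Step 1: pick a secret key (A or B) uniformly from [2, P-2]."""
    return secrets.randbelow(P - 3) + 2

def transform(private_key: int) -> int:
    """T(.): easy to compute, hard to invert (discrete logarithm)."""
    return pow(G, private_key, P)

def mix(own_private: int, peer_transformed: int) -> int:
    """M(A, T(B)): raise the peer's transformed key to our own secret."""
    # Reject degenerate values (0, 1, P-1) that would force a predictable K.
    if not 2 <= peer_transformed <= P - 2:
        raise ValueError("peer value outside [2, P-2]")
    return pow(peer_transformed, own_private, P)

def derive_symmetric_key(shared: int) -> bytes:
    """Hash K into 32 bytes usable as a symmetric (e.g. AES-256) key."""
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()

def run_exchange():
    a, b = generate_private_key(), generate_private_key()  # step 1: kept secret
    t_a, t_b = transform(a), transform(b)                   # step 2: sent in the clear
    k_alice = mix(a, t_b)                                   # step 3: Alice's side
    k_bob = mix(b, t_a)                                     # step 3: Bob's side
    return k_alice, k_bob, (t_a, t_b)

if __name__ == "__main__":
    k_alice, k_bob, seen_by_oscar = run_exchange()
    print("Oscar sees only:", seen_by_oscar)
    print("keys match:", k_alice == k_bob)
    print("symmetric key:", derive_symmetric_key(k_alice).hex())
```

Both sides arrive at g^(AB) mod p, while Oscar on the wire sees only T(A) and T(B). The exchange as written does not authenticate either party, which is why protocols such as TLS and SSH combine it with signatures or certificates.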
Find the attached PowerPoint slides for the dhke-steps.
Note: you need to practice this technique to be able to understand this operation. The above steps might be confusing without a graphical explanation, so this link to Khan Academy explains the DHKE in a simple way.