zoukankan      html  css  js  c++  java
  • Diffie–Hellman key exchange

    General overview[edit]

     
    Illustration of the idea behind Diffie–Hellman key exchange

    Diffie–Hellman key exchange establishes a shared secret between two parties that can be used for secret communication for exchanging data over a public network. The following conceptual diagram illustrates the general idea of the key exchange by using colors instead of very large numbers.

    The process begins by having the two parties, Alice and Bob, agree on an arbitrary starting color that does not need to be kept secret (but should be different every time[3]); in this example the color is yellow. Each of them selects a secret color that they keep to themselves. In this case, orange and blue-green. The crucial part of the process is that Alice and Bob now mix their secret color together with their mutually shared color, resulting in orange-tan and light-blue mixtures respectively, then publicly exchange the two mixed colors. Finally, each of the two mix together the color they received from the partner with their own private color. The result is a final color mixture yellow-brown that is identical to the partner's color mixture.

    If a third party listened to the exchange, it would be computationally difficult for them to determine the secret colors. In fact, when using large numbers rather than colors, this action is computationally expensive for modern supercomputers to do in a reasonable amount of time.

    Cryptographic explanation[edit]

    The simplest and the original implementation of the protocol uses the multiplicative group of integers modulo p, where p is prime, and g is a primitive root modulo p. These two values are chosen in this way to ensure that the resulting shared secret can take on any value from 1 to p–1. Here is an example of the protocol, with non-secret values in blue, and secret values in red.

    1. Alice and Bob agree to use a modulus p = 23 and base g = 5 (which is a primitive root modulo 23).
    2. Alice chooses a secret integer a = 4, then sends Bob A = ga mod p
      • A = 54 mod 23 = 4
    3. Bob chooses a secret integer b = 3, then sends Alice B = gb mod p
      • B = 53 mod 23 = 10
    4. Alice computes s = Ba mod p
      • s = 104 mod 23 = 18
    5. Bob computes s = Ab mod p
      • s = 43 mod 23 = 18
    6. Alice and Bob now share a secret (the number 18).

    Both Alice and Bob have arrived at the same value s, because, under mod p,

    {displaystyle {color {Blue}A}^{color {Red}b}{mod {color {Blue}p}}={color {Blue}g}^{color {Red}ab}{mod {color {Blue}p}}={color {Blue}g}^{color {Red}ba}{mod {color {Blue}p}}={color {Blue}B}^{color {Red}a}{mod {color {Blue}p}}}{displaystyle {color {Blue}A}^{color {Red}b}{mod {color {Blue}p}}={color {Blue}g}^{color {Red}ab}{mod {color {Blue}p}}={color {Blue}g}^{color {Red}ba}{mod {color {Blue}p}}={color {Blue}B}^{color {Red}a}{mod {color {Blue}p}}}[8]

    More specifically,

    {displaystyle ({color {Blue}g}^{color {Red}a}{mod {color {Blue}p}})^{color {Red}b}{mod {color {Blue}p}}=({color {Blue}g}^{color {Red}b}{mod {color {Blue}p}})^{color {Red}a}{mod {color {Blue}p}}}{displaystyle ({color {Blue}g}^{color {Red}a}{mod {color {Blue}p}})^{color {Red}b}{mod {color {Blue}p}}=({color {Blue}g}^{color {Red}b}{mod {color {Blue}p}})^{color {Red}a}{mod {color {Blue}p}}}

    Note that only ab, and (gab mod p = gba mod p) are kept secret. All the other values – pgga mod p, and gb mod p – are sent in the clear. Once Alice and Bob compute the shared secret they can use it as an encryption key, known only to them, for sending messages across the same open communications channel.

    Of course, much larger values of ab, and p would be needed to make this example secure, since there are only 23 possible results of n mod 23. However, if p is a prime of at least 600 digits, then even the fastest modern computers cannot find a given only gp and ga mod p. Such a problem is called the discrete logarithm problem.[3] The computation of ga mod p is known as modular exponentiation and can be done efficiently even for large numbers. Note that g need not be large at all, and in practice is usually a small integer (like 2, 3, ...).

  • 相关阅读:
    首次成功实施 XSS 攻击,盗取目标网站大量 VIP 帐号
    框架模块设计经验总结
    OEA ORM 框架中的冗余属性设计
    UML 图使用心得
    Scrum 流程应用反思 我们的团队
    分享一个简单的 VS 插件及源码
    PDA使用感悟
    OEA 框架中集成的 RDLC 报表介绍
    私活后的 WPF 设计经验总结
    个人管理/时间管理 辅助工具套件分享
  • 原文地址:https://www.cnblogs.com/mingzhang/p/9156670.html
Copyright © 2011-2022 走看看