2

Help me understand the Diffie-Hellman Key Exchange

From what I understand:

  1. Agreed upon numbers: Both parties agree on the value of a large prime number $p$ and a generator $g$.

  2. The users each choose private keys; Alice chooses $a$ and Bob chooses $b$, such that $0<a,b<n$.

  3. The users each calculate public keys: Alice computes $A=g^a\pmod{p}$, while Bob computes $B=g^b\pmod{p}$. Each sends the other their public key.

  4. The users calculate the secret key $k$ as the other person's public key raised to the power of their own private key mod $p$. Alice calculates it as $B^a\pmod{p}$, Bob as $A^b\pmod{p}$.

Example: $p=7, g=4$. Alice chooses $a=2$, Bob chooses $b=3$, Charlie chooses $c=4$. Then the public keys are $A=4^2=16$, and $B=4^3=64$, and $C=4^4=256$.

In that case, Alice and Bob will compute $$k_{ab}=64^2=16^3=4096\equiv1\pmod{7}$$

Alice and Charlie will compute $$k_{ac}=256^2=16^4=65536\equiv2\pmod{7}$$

Questions:

  1. Why does $p$ need to be a prime number?

  2. How does the size of $p$ affect its security?

  3. What's a generator ($g$)?

  4. Why must the private key be less than $p$?

  5. What is mod?

  6. what maths/types of logic formulate the science behind this kind of cryptology?

Also, please correct me if I've made any errors above. Please feel free to offer any additional information that you think will aid in understanding this concept.

cpast
  • 3,587
  • 1
  • 15
  • 27
P0LYmath
  • 123
  • 4
  • I edited your question to standardize notation. Let me know if anything I changed is unclear. – cpast May 09 '15 at 01:11
  • 2
    I voted to close as too broad since you're basically asking for a first course in cryptography. There are plenty of textbooks and other resources for that. – fkraiem May 09 '15 at 08:24
  • 2
    I suggest you read "Handbook of Applied Cryptography Book by A. J. Menezes, Alfred Menezes, Paul van Oorschot, and Scott Vanstone" which explains cryptography from scratch. This book is available online. – Pierre May 09 '15 at 09:48

1 Answers1

0
  1. $p$ must be a prime number to construct a cyclic group with $p-1$ valid private exponents. Using a composite number might impose security issues and possibly performance penalties.
  2. The size of $p$ dictates the security as it forms the size of the field. The larger the field, the more private exponents to try. The more effort you have to find the used one.
  3. A generator is a group element that has order $\phi(p)=p-1$, so the following equation must hold for a generator $g^t\equiv 1 $ $(mod$ $p)$ where $t$ is the least interger such that this equation holds. This least integer must be $p-1$. Also look at this question to understand why a generator is required.
  4. It would be pointless to choose a private exponent larger than $p$ as one would be again at the bare generator for $g^p\equiv g$ and hence one can save these cycles.
  5. $"mod"$ is the binary operation that outputs the remainder of integer division. For example
    $7$ $mod$ $3 = 1$ as $7=2*3+1$, mathematicans also write $7\equiv 1 (mod$ $3)$.
  6. This is called "asymmetric cryptography" and number theory is usually the tool used by cryptographers to construct such schemes.

For further understanding, reading one of the established books does help. (like the Handbook of Applied Cryptography as proposed in the comments)

SEJPM
  • 45,967
  • 7
  • 99
  • 205