I am indebted to Simon Singh's book The Code Book for the technical details
of this description. I recommend this as a very good read.
If you read any books on cryptography, you'll meet Alice and Bob, who are always sending coded
messages to each other, along with Eve who want to listen in.
One of the biggest problems with most cryptographic methods is that they use the same key to
encode and decode. If Alice and Bob send their key through the post or email, Eve
could intercept it and figure out everything that Alice and Bob say to each other. Worse, Eve
could send messages that would make Alice or Bob act as if it were from the other.
To overcome this, there is a method of key exchange called "Diffie/Hellman". It relies on a "one way"
mathematical function that is easy to find the answer, but difficult to get back to the original values.
The following explains the principles, and is a direct copy of Simon Singh's book. It uses
the one-way function Yx(mod P).
| Stage 0 |
Alice and Bob agree two numbers for the one-way function,
Y=7, P=11.
It does not matter if these numbers are discovered. |
| Stage 1 |
Alice chooses a number, say 3, and keeps it secret. We label her number A. |
Bob chooses a number, say 6, and keeps it secret. We label his number B. |
| Stage 2 |
Alice puts 3 into the one-way function and works out the result of
7A(mod 11) = 73(mod 11) = 343(mod 11) = 2 |
Bob puts 6 into the one-way function and works out the result of
7B(mod 11) = 76(mod 11) = 117649(mod 11) = 4 |
| Stage 3 |
Alice calls the results of her calulation S, and sends it (2) to Bob. |
Bob calls the result of his calulation T, and sends it (4) to Alice. |
| Stage 4 |
Ordinarily this would be the crucial moment, because Alice and Bob are
exchanging information, and therefore this is an opportunity for Eve to eavesdrop and find out the details of the information.
However, it turns out that Eve can listen in without it affecting the ultimate security of the system. Alice and Bob could use the
same telephone line that they used to agree the values of Y and P, and Eve could intercept the two numbers that are being exchanged,
2 and 4. However, these numbers are not the key, which is why it doesn't matter if Eve knows them.
|
| Stage 5 |
Alice takes Bob's result, and works out the result of
TA(mod 11) = 43(mod 11) = 64(mod 11) = 9 |
Bob takes Alices's result, and works out the result of
SB(mod 11) = 26(mod 11) = 64(mod 11) = 9 |
| The Key |
Miraculously, Alice and Bob have ended up with the same number, 9.
This is what is used as the key. |
If you do decide to use this method, make sure you choose VERY BIG numbers instead of the little ones
in the example. Not being a mathematician, I can't say for sure, but believe they should be prime numbers.
Typically you would want the final key to have at least 64 bits if you are using the key
for the RC5 algorithm of RC-Crypt.
|