Sharing A Secret While Everyone's Watching

If you weren’t already aware: malicious actors are scrounging the internet, endlessly searching for anything to exploit! A huge part of that entails looking at data traffic transmitted over the open internet. So, what is required in order for different parties to communicate privately in an environment such as this?

The answer is encryption. Any data must be encrypted before being sent. The problem then becomes: how does the intended receiver read what is sent?

As usual, thankfully, smart people came up with a solution to the problem; Whitfield Diffie and Martin Hellman, both members of the IEEE, released New Directions of Cryptography in 1976. In it, they described how to use modular exponentiation to share cryptographic information over an insecure public channel. I.e. the internet.

Diffie-Hellman Key Exchange

The basis for secure communication using encryption is that all parties need to be in possession of a shared key, or secret, without disclosing it to the public. DHKE is a widely used method to create these shared secrets, applied in protocols such as SSH and TLS.

For a key exchange to take place, some pre-requisites are needed:

A set of public parameters must be agreed upon; A generator g and a large prime number p are already known to everyone.
Each participant have a private key.

Let’s take a very simplistic look at how this would work in communication between Alice and Bob!

1. Alice creates a public key using her private key, g and p, then sends it to Bob. Bob can now read Alice's messages!

2. Bob is now able to decrypt Alice's message. He sends his own public key, generated the same way, to Alice. Alice can now read Bob's messages!

Happy coding!