Diffie-Hellman key exchange
In cryptography, the Diffie-Hellman key exchange is a method for two parties, who can only communicate over an insecure channel, to securely agree on an encryption key.
The fundamental assumption of the Diffie-Hellman scheme, upon which its security rests, is that the following function is a trapdoor function, which means that calculating is easy, but its inverse is extremely hard:
Where is a natural number, and is a prime. The natural number is a so-called primitive root modulo . Importantly, and have been specifically chosen such that can take any value in for in . The trapdoor assumption is that, given , and , there is no efficient algorithm to recover .
Suppose that Alice and Bob want to exchange encrypted data in the future, so they need to agree on an encryption key to use. However, they can only exchange messages with each other over an insecure channel, which is being eavesdropped.
After they publicly agree on the values of and , Alice and Bob each choose a secret number from , respectively and , and then privately calculate and as follows:
Finally, they transmit these numbers and to each other over the insecure connection, and then each side calculates , which is the desired secret key:
The point is that includes both and , but each side only needs to know either or . Thanks to the trapdoor assumption, the eavesdropper knows and , but cannot recover or .
This assumption is just that: an assumption. So far, nobody has been able to prove or disprove it for classical computation. However, for quantum computers, it has already been disproven! In this case, another method must be used, for example the BB84 protocol.
- J.B. Brask, Quantum information: lecture notes, 2021, unpublished.