Can I have a secret?
Can I tell you a secret?
Can I tell you a secret when we know there is someone snooping around?
I’d like to share this graphical explanation of the Diffie-Hellman key exchange principle without going into the details about the math behind it. It uses physical abstractions as padlocks, keys, and treasure chests. The goal of the key exchange is to allow two parties to establish a shared secret key over an insecure communication channel.
Alice and Bob, a complicated couple, would like to talk through an insecure channel.
Step by step
- Alice has the padlocks A and C, two keys C and one key A. Bob has the padlock B, key B, and the letter he wants to send to Alice through the insecure channel.
- Alice puts the padlock and key C in the chest.
- Alice locks the treasure chest using the padlock A, and sends to Bob.
- Bob receives the chest. He can’t open it because he doesn’t have the key A. He puts one more lock, the padlock B, in the treasure chest and send it back to Alice. Alice also can’t open the chest, as she doesn’t have the key B.
- But Alice does have the key A, which she uses to remove the padlock A from the chest and send it back to Bob.
- Bob now receives a chest which he can open. He opens it and receive the padlock and key C. At this point the key exchange is done. He can either keep the chest and padlock C to send something to Alice, or he can use the same key exchange technique from steps 1 to 6 to send the padlock C back to Alice.
- Bob decides to send Alice a letter using the padlock C. He puts the letter in the chest.
- Bob locks the chest using the padlock C, send it to Alice. He keeps key C.
- Alice received the letter and now they both have the key C.
- Alice’s key A never left her inventory. Bob’s key B never left his inventory.
- Neither Alice nor Bob really knows who is in the other side. In this example they just trust in each other. Authentication is very important but is not handled in this example.
- At every transference a different padlocks (or a combination of padlocks) was used.
A tiny bit of math
Let’s (very) informally define computationally efficient as a computation that someone is willing to wait and pay.
The abstraction here is that a chest with padlock is easy to lock/unlock when you have the correct key but hard to be unlocked otherwise. To use this technique with data, we need a mathematical function f that is:
- Easy to lock: it is computationally efficient to apply f(m,k) over a message m and a key k
- Easy to unlock: there is a computationally efficient inverse function f’ such that m = f'(f(m,k),k)
- Hard to break: it is not computationally efficient to find m or k knowing only f and f(m,k)
If you want to know more about these functions, take a look in the original article “New directions in cryptography” by Diffie, W. and Hellman, M. in 1976.