diffie hellman key exchange

is a system for establishing a secret key in the open. Illustration of two stick figures sending messages to each other

person 1: …
person 2: …

everyone can read these messages, but nobody knows their secret key!

diffie hellman key exchange requires a ~~~ magic function ~~~

f(s, a) = s⊙a.

You put 2 numbers in to f and get a result (we’ll call it s⊙a). There are two rules this function has to follow:

1. It’s commutative: (s⊙a)⊙b is always the same as (s⊙b)⊙a
2. It’s hard to undo: if you know s⊙a and s, you can’t easily “divide” to figure out what “a” was

Finding a magic function that works this way requires a lot of math…

two examples:

1. elliptic curve multiplication (where s⊙x means “add the point s to itself x times”)
2. modular arithmetic (where s⊙x = s^x mod q).

But you don’t need to understand the math to get the basic idea.

how diffie hellman works

1. Choose s (some cryptographers choose this and tell everyone “hey this is what we’re using guys”)
2. Each person picks a random number. Left person picks a, right person picks b.
3. “Multiply” s by the number and send it. left person sends: s⊙a right person sends: s⊙b Nobody can figure out a and b because of Rule 2!
4. “Multiply” the number the other person sent. left person calculates: (sb)⊙a right person calculates: (s⊙a)⊙b These two numbers are the same because of Rule 1!
5. We’re done! (s⊙b)⊙a is the secret key!