CITS3002 Computer Networks  

Exchanging Encryption Keys

Despite centuries of evolution of symmetric key cryptography, the fundamental problem of secure key distribution remains:

"How can two people (or machines) encrypt and decrypt messages using a key if they are not sure that the key itself is secure?"

Diffie-Merkle-Hellman Key Exchange

In 1976 Diffie and Hellman, from Stanford University, wrote the paper Multi-User Cryptographic Techniques, proposing a method of exchanging keys.

The Diffie-Hellman key exchange technique enables two active participants (who may never have met) to agree on a new, temporary session key with which they will exchange a message.

Moreover, anyone eavesdropping on their agreement discussion will not be able to further eavesdrop on the message exchange.

A simple (physical) analogy of how keys can be exchanged:

  • A wants to send a key to B.
  • A puts the key in a secure box and locks it with A's padlock.
  • B does not have the key to A's padlock, so instead B receives the box, adds B's own padlock to the box, and returns it to A.
  • A removes A's padlock with A's own key and sends the box back to B.
  • B can now remove B's own padlock and remove the key which is now shared by A and B.
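The exchange described above, worked through in numbers as an added example (not part of the lecture notes): each party keeps a private exponent, publishes g^x mod p, and the transcript an eavesdropper captures contains only p, g and the two public values. The group is the 1024-bit MODP prime from RFC 2409 (Oakley group 2); a practitioner would use at least 2048 bits today, and the public-value check shows the range and subgroup validation a receiver should perform before using a peer's value.

```python
import hashlib
import secrets

# Demonstration group: the 1024-bit MODP prime from RFC 2409 (Oakley group 2),
# a safe prime p = 2q + 1 with generator g = 2.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
    "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381"
    "FFFFFFFFFFFFFFFF", 16)
Q = (P - 1) // 2   # prime order of the subgroup generated by G
G = 2


def valid_public_value(y):
    """Accept a peer value only if it is in [2, p-2] and in the order-q subgroup."""
    return 2 <= y <= P - 2 and pow(y, Q, P) == 1


class Party:
    """One participant: keeps a private exponent x, publishes g^x mod p."""

    def __init__(self):
        self.x = secrets.randbelow(Q - 1) + 1   # private; never leaves this party
        self.public = pow(G, self.x, P)         # the value sent over the network

    def derive_key(self, peer_public):
        if not valid_public_value(peer_public):
            raise ValueError("peer public value rejected")
        shared = pow(peer_public, self.x, P)    # g^(ab) mod p, same on both sides
        # Hash the shared secret down to a fixed-length session key.
        return hashlib.sha256(shared.to_bytes(128, "big")).digest()


def run_exchange():
    """Run one exchange; returns (key_a, key_b, transcript).

    transcript holds every value that crossed the wire, i.e. all an eavesdropper sees.
    """
    alice, bob = Party(), Party()
    transcript = {"p": P, "g": G, "A": alice.public, "B": bob.public}
    return alice.derive_key(bob.public), bob.derive_key(alice.public), transcript
```

Both parties arrive at the same 32-byte key, while recovering it from the transcript alone would require solving the discrete logarithm problem in the group.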

The work of Diffie and Hellman was revolutionary in the way we think about cryptography. Previously it was 'intuitively obvious' that the key used to encode a message and the key used to decode it had to be the same (or trivially related).


CITS3002 Computer Networks, Lecture 12, Cryptography's role in networking, p12, 22nd May 2024.