0

I am not referring here to the process of Public Key exchange, but rather the process of encryption or decryption itself after the Public/Private keys have been generated. For instance, using the Diffie-Hellman algorithm we ended up getting both Public and Private Keys of size 512 Bytes. How are we supposed then to use the Public Key to encrypt a given plain text message "Hello World!" and the Private Key to decrypt it?

user-x220

3 Answers

2

Diffie-Hellman does not generate public and private keys. It generates an agreed number in such a way that:

  1. An eavesdropper cannot work out what number has been agreed upon.

  2. A man in the middle can either know the agreed number which party $A$ is using and the agreed number which party $B$ is using, or ensure that the agreed number which party $A$ is using is the same as the agreed number which party $B$ is using, but not both.

No encryption is involved in Diffie-Hellman and Diffie-Hellman does not generate encryption keys.

Of course one of the main uses of an agreed number would be to do encryption with it – or rather, with a key derived from it. But that is nothing to do with Diffie-Hellman per se.

To that extent, your question is "How, given a number, do I turn it into an encryption key and use it?" – to which the answer is, "In any way you like".

1

Diffie-Hellman is a key agreement protocol. It is used to establish a secret value (master secret) which is identical at the parties involved in the key agreement.

This value is then put through a Key Derivation Function (KDF) to derive one or more symmetric keys, such as AES keys, that are also identical for the parties involved. These keys can then be used to encrypt messages and to protect the integrity and authenticity of the messages between the parties. Sometimes the value is truncated or put through a one-way function such as a hash function instead of using a well-defined KDF.

The actual symmetric cipher, mode of operation and method of generating the authentication tag are not part of the key agreement protocol; basically they can be anything at all.


It is impossible for other parties to retrieve the secret value that has been agreed upon.

Then again, it is important to note that Diffie-Hellman does not authenticate the parties themselves. This should be performed as part of the protocol using different primitives such as signature generation functions. It's important that the public values used for the key agreement are also verified at some point in the protocol.

Maarten Bodewes
0

Diffie-Hellman key exchange uses one party's private key and the other party's public key to generate a shared secret value; this is done through either exponentiation or multiplication modulo a prime, depending on the algorithm and type of key. There are other methods of creating a shared secret, such as the infamous algebraic eraser.

The shared secret could be used directly as a symmetric key, however this is neither recommended nor done in practice, because there is not an even distribution of entropy in the shared secret, and sometimes bits can be strongly biased.

The shared secret is hashed before being used as a key, or is processed with a specific key derivation function like HKDF, or the PRF used in TLS.

Richie Frame
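The flow the answers above describe (agree on a number, run it through a KDF such as HKDF, then encrypt and authenticate with the derived symmetric keys), as an added example that is not part of any answer. It uses only Python's standard library: the RFC 3526 2048-bit group, HKDF-SHA256, and, as an assumption for illustration, an HMAC-SHA256 counter-mode keystream standing in for a real cipher such as AES; all function names are hypothetical.

```python
import hashlib, hmac, secrets

# 2048-bit MODP group 14 from RFC 3526, generator 2.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05"
    "98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB"
    "9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
    "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718"
    "3995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF", 16)
G = 2

def dh_keypair():
    x = secrets.randbelow(P - 3) + 2           # private exponent, 2 <= x <= P-2
    return x, pow(G, x, P)                     # (private, public g^x mod p)

def dh_agree(priv, peer_pub):
    if not 2 <= peer_pub <= P - 2:             # reject 0, 1, p-1 and out-of-range
        raise ValueError("invalid peer public value")
    return pow(peer_pub, priv, P).to_bytes(256, "big")

def hkdf32(secret, info):
    # HKDF-SHA256 (RFC 5869), all-zero salt, a single 32-byte output block.
    prk = hmac.new(bytes(32), secret, hashlib.sha256).digest()
    return hmac.new(prk, info + b"\x01", hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    # Stand-in cipher (assumption): HMAC-SHA256 counter-mode keystream, since
    # the standard library has no AES. Use a vetted AEAD in real code.
    ks = b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                  for i in range((len(data) + 31) // 32))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(secret, plaintext):
    enc_key, mac_key = hkdf32(secret, b"enc"), hkdf32(secret, b"mac")
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(enc_key, nonce, plaintext)
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()

def unseal(secret, msg):
    enc_key, mac_key = hkdf32(secret, b"enc"), hkdf32(secret, b"mac")
    nonce, ct, tag = msg[:16], msg[16:-32], msg[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # verify the tag before decrypting
        raise ValueError("authentication failed")
    return _xor_stream(enc_key, nonce, ct)
```

Each side calls `dh_keypair()`, sends its public value to the other, and passes `dh_agree(own_private, peer_public)` to `seal` or `unseal`. The public values here are exchanged unauthenticated, so this sketch gives no protection in the man-in-the-middle case the answers mention.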