## Thursday, May 27, 2010

### Diffie-Hellman (DH) Shared Key Exchange Mechanism

Diffie-Hellman is a cryptographic protocol that allows two users to exchange a key over a public network. VPNs mainly use the Diffie-Hellman algorithm to provide a reliable and trusted method of key exchange. The algorithm was invented by Whitfield Diffie and Martin Hellman in 1976. During a DH exchange both users must agree on two non-secret numbers, which can be available publicly or in the form of a certificate. After this agreement, the users exchange their public values and each finds that its key and the remote user's key are the same. Having established themselves as bona fide to each other, they start exchanging their data.
In this post, I will explain how the key values are calculated. First we need to define two public keys, which are available to both users through a certificate or by some other method. Let's assume n and g are the public keys for user1 and user2. g should be small, and n should be a large prime number.
Both users initially have the same keys:
n=997
g=2
The next step is for each user to take its private key and compute the value that is given to the remote user.
The private key for user1 is 3 and for user2 is 5.

Calculate the public value that will be transmitted to the remote user. The formula for calculating the public value for User1 is given below:-
Public Value:- g^(private key of user1) mod n
Public Value:- 2^3 mod 997
Public Value:- 8 mod 997
Public Value:- 8

The formula for calculating the public value for User2 is given below:-
Public Value:- g^(private key of user2) mod n
Public Value:- 2^5 mod 997
Public Value:- 32 mod 997
Public Value:- 32

Now the users exchange their public values with each other, and on the basis of the received public value each user calculates the secret key.
User1 receives 32 from user2, and user2 receives 8 from user1.

User1 will calculate its shared key using the following formula:-
User1 Shared Key:- (Received Public Value From User2)^(user1 private key) mod n
User1 Shared Key:- 32^3 mod 997
User1 Shared Key:- 32768 mod 997
User1 Shared Key:- 864

User2 will calculate its shared key using the following formula:-
User2 Shared Key:- (Received Public Value From User1)^(user2 private key) mod n
User2 Shared Key:- 8^5 mod 997
User2 Shared Key:- 32768 mod 997
User2 Shared Key:- 864

User1 and User2 now have the same shared key, which is 864.
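
The exchange worked through above, as an added Python example that is not part of the original post. The function names, the range check on the received value and the exhaustive search are additions made here: the search shows why n must be large and the private keys must not be tiny values like 3 and 5.

```python
def is_prime(n):
    """Trial division; adequate only for toy moduli such as the post's n = 997."""
    if n < 2:
        return False
    i = 2
    while i * i <= n:
        if n % i == 0:
            return False
        i += 1
    return True


def public_value(g, private, n):
    # g^private mod n; three-argument pow reduces as it goes
    return pow(g, private, n)


def shared_key(received, private, n):
    # Added check, not in the post: 0, 1 and n-1 would force a predictable key
    if not 2 <= received <= n - 2:
        raise ValueError("received public value out of range")
    return pow(received, private, n)


def exchange(n, g, priv1, priv2):
    """Run both sides and return (pub1, pub2, key1, key2)."""
    if not is_prime(n):
        raise ValueError("n must be prime")
    pub1, pub2 = public_value(g, priv1, n), public_value(g, priv2, n)
    return pub1, pub2, shared_key(pub2, priv1, n), shared_key(pub1, priv2, n)


def exhaustive_search(g, public, n):
    """Try x = 1..n-1 until g^x mod n equals public; feasible only for tiny n."""
    value = 1
    for x in range(1, n):
        value = (value * g) % n
        if value == public:
            return x
    return None


if __name__ == "__main__":
    pub1, pub2, key1, key2 = exchange(997, 2, 3, 5)   # the post's numbers
    print("public values:", pub1, pub2)
    print("shared keys:", key1, key2)
    # Both private keys fall out of the public values after a handful of tries
    print("search:", exhaustive_search(2, pub1, 997), exhaustive_search(2, pub2, 997))
```

With n = 997 the search never needs more than 996 multiplications, so these numbers are suitable only for following the arithmetic by hand.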