Presentation is loading. Please wait.

Presentation is loading. Please wait.

Dan Boneh Basic key exchange The Diffie-Hellman protocol Online Cryptography Course Dan Boneh.

Published byChad Haynes Modified over 8 years ago

Similar presentations

Presentation on theme: "Dan Boneh Basic key exchange The Diffie-Hellman protocol Online Cryptography Course Dan Boneh."— Presentation transcript:

1 Dan Boneh Basic key exchange The Diffie-Hellman protocol Online Cryptography Course Dan Boneh

2 Dan Boneh Key exchange without an online TTP? Bob Alice Goal: Alice and Bob want shared secret, unknown to eavesdropper For now: security against eavesdropping only (no tampering) eavesdropper ?? Can this be done with an exponential gap?

3 Dan Boneh The Diffie-Hellman protocol (informally) Fix a large prime p (e.g. 600 digits) Fix an integer g in {1, …, p} AliceBob choose random a in {1,…,p-1}choose random b in {1,…,p-1} k AB = g ab (mod p) = ( g a ) b = A b (mod p) B a (mod p) = ( g b ) a =

4 Dan Boneh Security (much more on this later) Eavesdropper sees: p, g, A=g a (mod p), and B=g b (mod p) Can she compute g ab (mod p) ?? More generally: define DH g (g a, g b ) = g ab (mod p) How hard is the DH function mod p?

5 Dan Boneh How hard is the DH function mod p? Suppose prime p is n bits long. Best known algorithm (GNFS): run time exp( ) cipher key sizemodulus size 80 bits 1024 bits 128 bits 3072 bits 256 bits (AES)15360 bits As a result: slow transition away from (mod p) to elliptic curves Elliptic Curve size 160 bits 256 bits 512 bits

6 Dan Boneh Elliptic curve Diffie-Hellman

7 Dan Boneh Insecure against man-in-the-middle As described, the protocol is insecure against active attacks AliceBob MiTM

8 Dan Boneh Another look at DH Facebook Alice a Bob b Charlie c David d ⋯ gaga gbgb gcgc gdgd K AC =g ac

9 Dan Boneh An open problem Facebook Alice a Bob b Charlie c David d ⋯ gaga gbgb gcgc gdgd K ABCD

10 Dan Boneh End of Segment

Download ppt "Dan Boneh Basic key exchange The Diffie-Hellman protocol Online Cryptography Course Dan Boneh."

Similar presentations

Trusted 3rd parties Basic key exchange

Trusted 3rd parties Basic key exchange
Notation Intro. Number Theory Online Cryptography Course Dan Boneh

Notation Intro. Number Theory Online Cryptography Course Dan Boneh
7. Asymmetric encryption-

7. Asymmetric encryption-
Public Key Algorithms …….. RAIT M. Chatterjee.

Public Key Algorithms …….. RAIT M. Chatterjee.
CS555Spring 2012/Topic 161 Cryptography CS 555 Topic 16: Key Management and The Need for Public Key Cryptography.

CS555Spring 2012/Topic 161 Cryptography CS 555 Topic 16: Key Management and The Need for Public Key Cryptography.
CNS2010handout 8 :: introduction to number theory1 computer and network security matt barrie.

CNS2010handout 8 :: introduction to number theory1 computer and network security matt barrie.
Attacks on Digital Signature Algorithm: RSA

Attacks on Digital Signature Algorithm: RSA
Elliptic Curve Cryptography (ECC) Mustafa Demirhan Bhaskar Anepu Ajit Kunjal.

Elliptic Curve Cryptography (ECC) Mustafa Demirhan Bhaskar Anepu Ajit Kunjal.
Windows Core Security1© 2006 Microsoft Corp Cryptography: Helping Number Theorists Bring Home the Bacon Since 1977 Dan Shumow SDE Windows Core Security.

Windows Core Security1© 2006 Microsoft Corp Cryptography: Helping Number Theorists Bring Home the Bacon Since 1977 Dan Shumow SDE Windows Core Security.
Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.

Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.
CMSC 414 Computer and Network Security Lecture 5 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 5 Jonathan Katz.
Introduction to Modern Cryptography Lecture 5 Number Theory: 1. Quadratic residues. 2. The discrete log problem. Intro to Public Key Cryptography Diffie.

Introduction to Modern Cryptography Lecture 5 Number Theory: 1. Quadratic residues. 2. The discrete log problem. Intro to Public Key Cryptography Diffie.
Dr. Lo’ai Tawalbeh Fall 2005 Chapter 10 – Key Management; Other Public Key Cryptosystems Dr. Lo’ai Tawalbeh Computer Engineering Department Jordan University.

Dr. Lo’ai Tawalbeh Fall 2005 Chapter 10 – Key Management; Other Public Key Cryptosystems Dr. Lo’ai Tawalbeh Computer Engineering Department Jordan University.
Key Establishment Techniques: Key Distribution and Key Agreement

Key Establishment Techniques: Key Distribution and Key Agreement
CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.
The School of Electrical Engineering and Computer Science (EECS) CS/ECE Network Security Dr. Attila Altay Yavuz Topic 5 Essential Public Key Crypto Methods.

The School of Electrical Engineering and Computer Science (EECS) CS/ECE Network Security Dr. Attila Altay Yavuz Topic 5 Essential Public Key Crypto Methods.
Cryptography and Network Security Chapter 10. Chapter 10 – Key Management; Other Public Key Cryptosystems No Singhalese, whether man or woman, would venture.

Cryptography and Network Security Chapter 10. Chapter 10 – Key Management; Other Public Key Cryptosystems No Singhalese, whether man or woman, would venture.
Dan Boneh Intro. Number Theory Modular e’th roots Online Cryptography Course Dan Boneh.

Dan Boneh Intro. Number Theory Modular e’th roots Online Cryptography Course Dan Boneh.
Dan Boneh Basic key exchange Public-key encryption Online Cryptography Course Dan Boneh.

Dan Boneh Basic key exchange Public-key encryption Online Cryptography Course Dan Boneh.
C HAPTER 13 Asymmetric Key Cryptography Slides adapted from Foundations of Security: What Every Programmer Needs To Know by Neil Daswani, Christoph Kern,

C HAPTER 13 Asymmetric Key Cryptography Slides adapted from "Foundations of Security: What Every Programmer Needs To Know" by Neil Daswani, Christoph Kern,

Similar presentations

Ads by Google