Diffie–Hellman key exchange
=== Generalization to finite cyclic groups ===
Here is a more general description of the protocol:<ref>{{cite book|url=https://books.google.com/books?id=BuQlBQAAQBAJ&pg=PA190|title=Introduction to Cryptography|last=Buchmann|first=Johannes A.|publisher=Springer Science+Business Media|year=2013|isbn=978-1-4419-9003-7|edition=Second|pages=190–191}}</ref>
# Alice and Bob agree on a natural number ''n'' and a [[Generating set of a group|generating]] element ''g'' in the finite [[cyclic group]] ''G'' of order ''n''. (This is usually done long before the rest of the protocol; ''g'' and ''n'' are assumed to be known by all attackers.) The group ''G'' is written multiplicatively.
# Alice picks a random [[natural number]] ''a'' with 1 < ''a'' < ''n'', and sends the element ''g<sup>a</sup>'' of ''G'' to Bob.
# Bob picks a random natural number ''b'' with 1 < ''b'' < ''n'', and sends the element ''g<sup>b</sup>'' of ''G'' to Alice.
# Alice computes the element {{math|1=(''g<sup>b</sup>'')<sup>''a''</sup> = ''g<sup>ba</sup>''}} of ''G''.
# Bob computes the element {{math|1=(''g<sup>a</sup>'')<sup>''b''</sup> = ''g<sup>ab</sup>''}} of ''G''.

Both Alice and Bob are now in possession of the group element ''g<sup>ab</sup>'' = ''g<sup>ba</sup>'', which can serve as the shared secret key. The group ''G'' satisfies the requisite condition for [[secure communication]] as long as there is no efficient algorithm for determining ''g<sup>ab</sup>'' given ''g'', ''g<sup>a</sup>'', and ''g<sup>b</sup>''.

For example, the [[Elliptic-curve Diffie–Hellman|elliptic curve Diffie–Hellman]] protocol is a variant that represents an element of ''G'' as a point on an elliptic curve instead of as an integer modulo ''n''. Variants using [[Hyperelliptic curve cryptography|hyperelliptic curves]] have also been proposed.

The [[supersingular isogeny key exchange]] is a Diffie–Hellman variant that was designed to be secure against [[quantum computers]], but it was broken in July 2022.<ref name=castryckdecru2023>{{cite journal|last1=Castryck|first1=Wouter|last2=Decru|first2=Thomas|date=April 2023|title=An efficient key recovery attack on SIDH|journal=Annual International Conference on the Theory and Applications of Cryptographic Techniques|pages=423–447|url=https://eprint.iacr.org/2022/975.pdf|archive-url=https://web.archive.org/web/20240926174200/https://eprint.iacr.org/2022/975.pdf|archive-date=2024-09-26}}</ref>
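
Added example (not part of the article or of any cited source): the five protocol steps above written against an abstract cyclic group, then run unchanged over a subgroup of the integers modulo a prime and over an elliptic curve. The <code>CyclicGroup</code> class, the function names and the toy parameters (modulus 2039 with generator 4 of order 1019; the curve ''y''<sup>2</sup> = ''x''<sup>3</sup> + 2''x'' + 2 over the field of 17 elements with generator (5, 1) of order 19) are assumptions chosen for illustration and are far too small for real use.

```python
import secrets
from dataclasses import dataclass
from typing import Any, Callable

@dataclass(frozen=True)
class CyclicGroup:
    op: Callable[[Any, Any], Any]  # group law of G, written multiplicatively
    identity: Any
    g: Any                         # public generator
    n: int                         # public order of G

    def power(self, x, k):
        """x^k by square-and-multiply, using nothing but the group law."""
        result = self.identity
        while k:
            if k & 1:
                result = self.op(result, x)
            x, k = self.op(x, x), k >> 1
        return result

def ec_add(P, Q, a=2, p=17):
    """Add points on y^2 = x^3 + 2x + 2 over F_17; None is the identity."""
    if P is None or Q is None:
        return Q if P is None else P
    (x1, y1), (x2, y2) = P, Q
    if x1 == x2 and (y1 + y2) % p == 0:
        return None                # P + (-P)
    if P == Q:
        s = (3 * x1 * x1 + a) * pow(2 * y1 % p, -1, p) % p
    else:
        s = (y2 - y1) * pow((x2 - x1) % p, -1, p) % p
    x3 = (s * s - x1 - x2) % p
    return (x3, (s * (x1 - x3) - y1) % p)

# Toy parameters (assumed for illustration, trivially searchable at this size).
MODP = CyclicGroup(lambda x, y: x * y % 2039, 1, 4, 1019)
CURVE = CyclicGroup(ec_add, None, (5, 1), 19)

def exchange(G, rand=secrets.randbelow):
    """Steps 2-5 of the protocol; returns (g^a, g^b, Alice's key, Bob's key)."""
    a = 2 + rand(G.n - 2)          # step 2: 1 < a < n
    b = 2 + rand(G.n - 2)          # step 3: 1 < b < n
    A, B = G.power(G.g, a), G.power(G.g, b)   # the only values sent
    return A, B, G.power(B, a), G.power(A, b)  # steps 4 and 5

if __name__ == "__main__":
    for name, G in (("mod-p subgroup", MODP), ("elliptic curve", CURVE)):
        A, B, k_alice, k_bob = exchange(G)
        print(f"{name}: sent {A}, {B}; shared {k_alice}; match={k_alice == k_bob}")
```

The protocol code in <code>exchange</code> never inspects how elements are represented; only the group law passed to <code>CyclicGroup</code> differs between the two instantiations.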