how diffie hellman key exchange works
-
how diffie hellman key exchange works
(with as little math as possible)
Wow, thanks.
-
how diffie hellman key exchange works
(with as little math as possible)
Excellent.
-
(the above happened because i realized at some point that even though diffie hellman key exchange _uses_ things like "elliptic curves" or "modular arithmetic" to work, you do not need to actually _understand_ those things to understand the basic idea, and I thought that was cool!)
@b0rk I love the
operator! Great way to explain it -
how diffie hellman key exchange works
(with as little math as possible)
@b0rk@social.jvns.ca Nice! You actually need one more fact: an attacker can't be able to, given S o A and S o B, find (S o A) o B.
Of course, if you can find B given S o B, you can do this; however the converse is not true in general (but may be in concrete cases). So in a way, the DH problem is likely easier than the DL problem, and is probably the real fact that needs to be hard.
However, if you were to put that in panel 2, you'd already be giving away too much there... organizing things well is hard to impossible. -
how diffie hellman key exchange works
(with as little math as possible)
@b0rk Great explanation. For anyone who may still not understand this or prefer a video, I highly recommend watching this one:
-
@b0rk@social.jvns.ca Nice! You actually need one more fact: an attacker can't be able to, given S o A and S o B, find (S o A) o B.
Of course, if you can find B given S o B, you can do this; however the converse is not true in general (but may be in concrete cases). So in a way, the DH problem is likely easier than the DL problem, and is probably the real fact that needs to be hard.
However, if you were to put that in panel 2, you'd already be giving away too much there... organizing things well is hard to impossible.@divVerent ah yeah good point! do you know an example offhand where you can find (S o A) o B given S o A and S o B? (but not find B given S o B)
-
(the above happened because i realized at some point that even though diffie hellman key exchange _uses_ things like "elliptic curves" or "modular arithmetic" to work, you do not need to actually _understand_ those things to understand the basic idea, and I thought that was cool!)
@b0rk That is a really nice explanation, thanks!
Your remark that “you do not need to actually _understand_ those things to understand the basic idea” reminds me of a math SE question I answered a while back: “My little cousin (12year) asked me about how emails are encrypted … Is there a teacher here who knows how to make her understand how to factor a number in to primes and what a prime number is?”
I had to answer twice. First I answered the question that was asked: I do know how to explain prime and composite to kids. But if what the the kid wants is to understand how emails are encrypted, the prime number thing is an unimportant implementation detail. I suggested explaining Vigenère ciphers instead.
how to explain prime numbers to children
My little cousin (12year) asked me about how emails are encrypted and I want to answers her in such a way she understands it. This is diffuct, but I am happy with teaching the definition of a prime
Mathematics Stack Exchange (math.stackexchange.com)
-
@b0rk That is a really nice explanation, thanks!
Your remark that “you do not need to actually _understand_ those things to understand the basic idea” reminds me of a math SE question I answered a while back: “My little cousin (12year) asked me about how emails are encrypted … Is there a teacher here who knows how to make her understand how to factor a number in to primes and what a prime number is?”
I had to answer twice. First I answered the question that was asked: I do know how to explain prime and composite to kids. But if what the the kid wants is to understand how emails are encrypted, the prime number thing is an unimportant implementation detail. I suggested explaining Vigenère ciphers instead.
how to explain prime numbers to children
My little cousin (12year) asked me about how emails are encrypted and I want to answers her in such a way she understands it. This is diffuct, but I am happy with teaching the definition of a prime
Mathematics Stack Exchange (math.stackexchange.com)
@mjd yeah this happened because someone asked me how DH works and I started explaining modular arithmetic and I realized, wait, that's not important, I don't understand that much about elliptic curve addition or whatever either but I still get the basic idea behind ECDH
-
how diffie hellman key exchange works
(with as little math as possible)
RE: https://infosec.exchange/@sophieschmieg/116246805758237078
@b0rk you don't just get Diffie to sign it?
-
how diffie hellman key exchange works
(with as little math as possible)
@b0rk
this is so well done and clear 
-
@divVerent ah yeah good point! do you know an example offhand where you can find (S o A) o B given S o A and S o B? (but not find B given S o B)
@b0rk @divVerent Not sure what you're asking but might it be like the mixing paint example in the video I linked to?
In that example, Alice and Bob share a common paint color to which they mix their secret color. They share that combination with each other, add their secret color again to arrive at a shared secret key. Horrible explanation on my part which the video does a much better job at.
But I probably am completely misunderstanding your question in which case ignore this!
-
how diffie hellman key exchange works
(with as little math as possible)
@b0rk have you seen the paint explainer for Diffie-Helman? That's quite a good way to get the idea across.
-
@b0rk have you seen the paint explainer for Diffie-Helman? That's quite a good way to get the idea across.
@pmb00cs i have! i wanted to write something a little closer to the mathematical reality
-
@pmb00cs i have! i wanted to write something a little closer to the mathematical reality
@b0rk that's fair enough, and I think you've done an excellent job of it. I just like the paint analogy because it's easy to grasp that unmixing paint is hard.
-
@b0rk that's fair enough, and I think you've done an excellent job of it. I just like the paint analogy because it's easy to grasp that unmixing paint is hard.
@pmb00cs one interesting way the mixing paint metaphor doesn't work (imo) is that when you're mixing paint the two colours you're mixing both have the same "type", and it's a symmetric operation (a mixed with b is the same as b mixed with a)
but in diffie hellman the operation is not symmetric at all, like the type of the function is more like f(type1, type2) => type1
I think saying that "s" and "a" are both "numbers" might be a bit of an oversimplification in that sense
-
@pmb00cs one interesting way the mixing paint metaphor doesn't work (imo) is that when you're mixing paint the two colours you're mixing both have the same "type", and it's a symmetric operation (a mixed with b is the same as b mixed with a)
but in diffie hellman the operation is not symmetric at all, like the type of the function is more like f(type1, type2) => type1
I think saying that "s" and "a" are both "numbers" might be a bit of an oversimplification in that sense
@pmb00cs but I definitely have a tendency to be overly critical about the specifics of metaphors in a way that's not necessarily helpful
the paint thing is cool!
-
how diffie hellman key exchange works
(with as little math as possible)
-
@pmb00cs one interesting way the mixing paint metaphor doesn't work (imo) is that when you're mixing paint the two colours you're mixing both have the same "type", and it's a symmetric operation (a mixed with b is the same as b mixed with a)
but in diffie hellman the operation is not symmetric at all, like the type of the function is more like f(type1, type2) => type1
I think saying that "s" and "a" are both "numbers" might be a bit of an oversimplification in that sense
@b0rk I mean, there's a point where a metaphor doesn't work anymore, because it's not the truth, just a way to explain part of the truth. If you need perfect accuracy you're just explaining reality.
The paint metaphor also breaks down because there are tools for recreating paint colours accurately from pure pigments. Do that for (sxa), (sxb), and s, and you recover a and b. So it's not really suitable as a form of key exchange. But it is easy to understand on a basic level.
-
how diffie hellman key exchange works
(with as little math as possible)
@b0rk Small typo in panel 4, choose = chose?
-
how diffie hellman key exchange works
(with as little math as possible)
@b0rk you can do it without maths at all. Say I want to give you my bicycle, but our schedules just will never work out for me to give you it directly. Well, we pick a place both of us can access, say outside the train station. I lock my bike up at a designated spot and go about my day. You come along with your own lock and use it to fasten the bike to the same spot without interfering with my lock, then go about your day. At some point I remove my lock, after which you can remove yours and gain a bicycle.
As I understand it, such a protocol was the inspiration for DH key exchange. Picking a spot is picking a generator. Locking is exponentiating. Locks not interfering is the commutativity property.
It's the explanation I always use when TAing cryptography
