[IWAR] CRYPTO winnowing and insecure key exchange

From: Mark Hedges (hedgesat_private)
Date: Wed Mar 25 1998 - 16:34:48 PST

  • Next message: Gary Jakl: "Re: [IWAR] IRC CHAT Terrorism and Desert Thunder"

    I got some e-mail back from Rivest; in fact he does forsee a key exchange
    method  like Diffie-Hellman as a way to overcome the problem of exchanging
    Agree on a large prime in the clear, n, and a number g such that g is
    primitive mod n (fuzzy on what that really means... g exponentiated to
    different powers, mod n will give at least n different results. Actually
    D-H needs "fairly primitive" g's.)
    Alice chooses a random large integer x and sends Bob ( X = (g exp x) mod n ).
    Bob chooses a random large integer y and sends Alice ( Y = (g exp y) mod n ).
    Alice finds k = (Y exp x) mod n, Bob finds k' = (X exp y) mod n.
    k  = (Y exp x) mod n
    k  = ( (g exp y) mod n ) exp x ) mod n
    k  = (g exp xy) mod n
    k' = (X exp y) mod n
    k' = ( (g exp x) mod n ) exp y ) mod n
    k' = (g exp xy) mod n
    k = k'
    x and y are still secret to Alice and Bob, and no one can find k/k' without
    knowing x or y.
    Alice and Bob now both have the secret key k.
    Magic! -hedges-
    (Schneier, Applied Cryptography, 1996, p. 513)

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:06:46 PDT