5 Key exchanges

 

This chapter covers

  • What key exchanges are and how they can be useful
  • The Diffie-Hellman and Elliptic Curve Diffie-Hellman key exchanges
  • Security considerations when using key exchanges

We are now entering the realm of asymmetric cryptography (also called public key cryptography) with our first asymmetric cryptographic primitive: the key exchange. A key exchange is, as the name hints, an exchange of keys. For example, Alice sends a key to Bob, and Bob sends a key to Alice. This allows the two peers to agree on a shared secret, which can then be used to encrypt communications with an authenticated encryption algorithm.

Warning

As I hinted in the introduction of this book, there is much more math involved in asymmetric cryptography; therefore, the next chapters are going to be a tad more difficult for some readers. Don’t get discouraged! What you will learn in this chapter will be helpful to understand many other primitives based on the same fundamentals.

Note

For this chapter, you’ll need to have read chapter 3 on message authentication codes and chapter 4 on authenticated encryption.

5.1 What are key exchanges?

Let’s start by looking at a scenario where both Alice and Bob want to communicate privately but have never talked to each other before. This will motivate what key exchanges can unlock in the simplest of situations.

5.2 The Diffie-Hellman (DH) key exchange

5.2.1 Group theory

5.2.2 The discrete logarithm problem: The basis of Diffie-Hellman

5.2.3 The Diffie-Hellman standards

5.3 The Elliptic Curve Diffie-Hellman (ECDH) key exchange

5.3.1 What’s an elliptic curve?

5.3.2 How does the Elliptic Curve Diffie-Hellman (ECDH) key exchange work?

5.3.3 The standards for Elliptic Curve Diffie-Hellman

5.4 Small subgroup attacks and other security considerations

Summary