- 1976
- One of first public key protocols in Cryptography
- specifics at ibm.com
Its main use is the exchange of symmetric keys over a non-secure channel. It functions using module arithmetics.
- prime
- primitive root of
Let be a positive integer. A primitive root is an integer such that every integer relatively prime to is congruent to a power of . That is, the integer is a primitive root ( ) if for every number relatively prime to there is an integer such that
Algorithm
To realize DH we need:
- efficient algorithm for
- efficient algorithm for generating a prime
- efficient algorithm for generating a primitive root for this
1.
int expmod_r (int a, int b, int q) {
if (b == 0) return 1;
if (b%2 == 0)
return ((expmod_r(a,b/2,q))^2) % q;
else
return (a*expmod_r(a,b-1,q)) % q;
}
int expmod_i (int a, int[] b, int q) { // here b is encoded in binary
int c = 0, d = 1;
for (i = b.length-1; i >= 0; i--) {
c = c*2; // c is used to prove correctness
d = (d*d)%q;
if (b[i] == 1) {
c++;
d = (d*a)%q;
}
}
return d;
}2. Probabilistic approach is best: Miller Rabin primality test
int generate_prime(int k) { // k rounds of testing to perform
bool probablyPrime = false;
while (!probablyPrime) {
int n = getRandomInt();
probablyPrime = miller_rabin(n,k);
}
return n;
}For full algorithm in C see here.
3.
- generate factors , multiply them, add 1, result is , test primality
- do until you have a prime
- loop factors, test if there is , in modulo
- if
truego back to step 1.
- if
- return
Complexity
For , with as the bit-length of
- recursive algorithm:
- iterative algorithm:
Miller Rabin
-
- polynomial
Primitive Root
- complexity is in step 2. meaning complexity of modulo exponent
Security
By the rules of modular arithmetics:
This way the two sides exchanged the secret value using the private keys . The only way the adversary can solve this knowing:
But for larger primes discrete logarithms are considered infeasible.