Goal
To have an efficient security communication, we need to have a shared secret. with a unsecure channel
How does it work
We use the following operation: g ^ s % p
- is hard to inverse (discrete logarithm problem)
- can be composed
- (g ^ s1 % p)^ s2 % p == (g ^ s2 % p)^ s1 % p
Steps
- Both users agree on the parameters
gandp. They can be publicly shared - Then each user fetch a secret number (s1, s2) (private key)
- With that, each user generates the public key
g ^ s % p - and you get the public key of the other user and apply the
pk ^ s %p - and since both users used the same parameters but in different order…
Example
example of:
p = 23g = 5
p = 23 # small prime
g = 5 # generator
# Alice's keys
alice_private = 6
alice_public = pow(g, alice_private, p) # g^a mod p
# Bob's keys
bob_private = 15
bob_public = pow(g, bob_private, p) # g^b mod p
# Shared secret calculation
alice_shared = pow(bob_public, alice_private, p) # (g^b)^a mod p
bob_shared = pow(alice_public, bob_private, p) # (g^a)^b mod p
print(f"Alice public: {alice_public}")
print(f"Bob public: {bob_public}")
print(f"Shared secret: {alice_shared} == {bob_shared}")