The Problem of Symmetric Encryption
As we learnt in this previous post about Symmetric Encryption, all of the algorithms of this encryption type use the same key to encrypt and decrypt. This means that, before we encrypt/decrypt anything sender and receiver need to agree on that secret key. For example, if you and I want to establish a secure communication, we first need to decide what that secret key is going to be.
The problem is - how do we send that secret key (which is the most sensitive data of our communication) over an insecure channel? The communication channel is not secure yet, it will only be secure when we encrypt the data with the secret key but not in the moment of sending the key across.
This was one of the biggest problems in cryptography until the 1970s - how to securely exchange information with someone if we still haven't had the opportunity to share a private key to encrypt the info. And that's what the algorithm of two cryptographers, Whitfield Diffie and Martin Hellman, solve.
The purpose of the Diffie-Hellman (DH) algorithm is to provide a mechanism for two parties that have never met before to build together a shared secret key that can be used later on with symmetric encryption to transmit information securely.
How it works - An Example
Let’s say that You and Me want to create a shared secret key using the DH algorithm. And let's assume that we've got some communication channel but it's insecure. These are the steps we need to follow (in red the private number which are never sent):- First You and I come up with two numbers g and p. I could for example pick up g and p and send them over to you:
g = 2
p = 11
- You then pick a secret number (a). This is your secret number and you won’t tell anyone, not even me. Then you calculate A = g exp(a) mod p and send A to me. Let’s say you pick a = 9
A = g exp(a) mod p = 2 exp(9) mod 11 = 512 mod 11 = 6
- I do the same on my side. I pick my secret number (b), which I won’t tell anyone, and calculate B = g exp(b) mod p and send it to you. Let’s say you pick b =4. Then
B = g exp(b) mod p = 2 exp(4) mod 11 = 16 mod 11 = 5
- Now you take the number I sent you, B and repeat the same operation with it. That is
B exp(a) mod p = 5 exp(9) mod 11 = 1,953,125 mod 11 = 9
- On my side, I do the same with the number you sent me
A exp(b) mod p = 6 exp(4) mod 11 = 1,296 mod 11 = 9
- The magic here is that you and I obtain the same result, 9. That will be our shared secret key.
- (g exp(a) mod p) exp(b) mod p = g exp(a x b) mod p
- (g exp(b) mod p) exp(a) mod p = g exp(b x a) mod p
Obviously, with small numbers like these, it would be easy for a computer to try all the possible combinations for a or b to match A and B and find our secret numbers. But when the algorithm is used with very big, huge numbers this requires an enormous computational power to do that, so much power that nowadays the process would take years.
In summary...
That’s the basis of asymmetric algorithms - the use of mathematical functions that are very simple to do in one way but extremely difficult to calculate in reverse.
With this mechanism, in our example, both you and I have created together a number, that is our shared secret key. And now we can use that key as our key for a symmetric algorithm and encrypt the traffic in our communication.
Technically, we could use Diffie-Hellman to establish public and private keys. However, RSA is the preferred algorithm for that, mainly because RSA can also sign public-key certificates and Diffie-Hellman cannot.
DH is widely used in security protocols such as TLS, SSH, IPSec and many others. So, every time we use HTTPS for our Mule apps or a VPN in our Anypoint Platform, remember, there's going to be a shared secret key generated by this incredibly simple algorithm.