

Small simple explanation to Diffie-Hellman Key Exchange (D-H) - Tomer
http://tbdcomp.blogspot.com/

======
RiderOfGiraffes
That's a really, really bad explanation. You have

    
    
        Bill: Says: 5
        Bill: hmm Now I know the key is: 5
        Monika: hmm now I know the key is: 5
        And they encrypt their communication
        with this number 5, Hillary does not
        know that the number they have chosen
        is 5.
    

But Bill said "5" and Hillary is listening!

Really, really bad.

I admit that it seems at the beginning that Diffie-Hellman is complicated, but
really it's not. You can implement the basics in 3 lots of 8 lines of python.
Follow the logic.

Using uppercase for secrets and lower case for openly visible information, and
we're talking about Y (for you) and M (for me):

    
    
        We openly agree b (small prime) and n (large prime).
        All calculations will be done modulo n.
        We each pick secrets, Y for you and M for me.
        We each compute powers: y=b^Y and m=b^M
        Exchange these powers openly.
        We each raise the others power to our own secret,
            y^M and m^Y, and we get the same answer!
        Use that as a key in blowfish or similar.
    

That's all there is. There are some details about "good" primes versus "bad"
primes, but really, that's it.

So, a longer explanation:

Together, over the phone, you and I pick two numbers, n and b. One's a 500 bit
prime, the other is a moderate prime, say, 53. That's not too critical. We
agree these openly, everyone can know them.

Now you pick a really big secret number, Y, and I pick a secret number M. You
compute y = b^Y (modulo n) and I compute m=b^M (mod n).

We exchange these, quite openly.

Then I compute y^M, and you compute m^Y. The fun part is that the answers we
get are the same.

Why?

You computed m^Y which is (b^M)^Y which is b^(MxY), while I computed y^M,
which is (b^Y)^M which is b^(YxM). (using "x" for multiplication, because
asterisks change to italic)

Modulo n, everything works.

Now we share a secret, and we can use that in a symmetric cipher such as
blowfish, or whatever.

It is believed that no one can deduce the shared secret, or the individual
secrets, from the visible numbers.

------
Nycto
The run on sentences make this article hard to follow. The last paragraph of
the article even says, "not the best explanation..." Isn't the whole point
that this is supposed to be a good, simple explanation?

Wikipedia offers a much better walk-through of what it is and how it works:

<http://en.wikipedia.org/wiki/Diffie-Hellman>

------
newsdog
It's actually a terrible explanation. I understood it better before.

