When we use machines to communicate over the internet, we often want those exchanges to be secure: protected against modification in transit, scrambled so that only we and the intended recipient can read them, and linked with a specific identity (a specific server or person) so that we know who we are communicating with. While there are multiple protocols that provide assurances about security, the good ones require that the parties agree on some shared secret before any user data can be encrypted and integrity-protected. There are two methods commonly used to agree on shared secrets: have one party use some long-term asymmetric key to encrypt the secret and send it to the owner of the key (like in an RSA key exchange), or have both parties exchange messages that contribute to the computed shared secret (what we call Diffie-Hellman key exchange). The security of both methods depends on picking numbers that are just right. In one variant of the Diffie-Hellman key exchange, one of the parameters needs to be a large prime number.
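The Diffie-Hellman exchange described above, with the checks that "picking numbers that are just right" implies for the prime modulus and for the value received from the peer. This is an added example, not code from the original page; the function names, the generator `G = 4` and the toy-size modulus found at import time are assumptions made for the illustration (real deployments use standardized groups of 2048 bits or more).

```python
import secrets

def is_probable_prime(n, rounds=40):
    """Miller-Rabin primality test with random bases."""
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13):
        if n % small == 0:
            return n == small
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2      # base in [2, n-2]
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False                      # a witnesses that n is composite
    return True

def is_safe_prime(p):
    """p is a safe prime when both p and (p - 1) / 2 are prime."""
    return p > 5 and is_probable_prime(p) and is_probable_prime((p - 1) // 2)

def find_safe_prime(start):
    """First safe prime >= start. Demo helper only, far too small for real use."""
    p = start | 1
    while not is_safe_prime(p):
        p += 2
    return p

def keypair(p, g):
    priv = secrets.randbelow(p - 3) + 2       # private exponent in [2, p-2]
    return priv, pow(g, priv, p)

def shared_secret(p, priv, peer_pub):
    # Reject 0, 1 and p-1: they force the secret to a trivially guessable value.
    if not 2 <= peer_pub <= p - 2:
        raise ValueError("peer public value out of range")
    return pow(peer_pub, priv, p)

P = find_safe_prime(2**64)   # constructed toy modulus (assumption, not from the page)
G = 4                        # a square mod P, so it has prime order (P - 1) / 2
```

A prime alone is not enough: `2**127 - 1` is prime, yet `is_safe_prime` rejects it because `(p - 1) / 2` is divisible by 3, which leaves small subgroups in the group.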