\section{Diffie-Hellman Key Exchange} One problem we encounter in computer science is \textit{secure key exchange}: How can two parties (usually called Alice and Bob) agree on a \say{key} without revealing anything to an eavesdropper (Eve)? \begin{center} \begin{tikzpicture} \node (A) at (0, 0) {Alice}; \node (B) at (4, 0) {Bob}; \node (E) at (2, -1) {Eve}; \draw[-] (A) edge (B) (E) edge (2, 0) ; \end{tikzpicture} \end{center} A simple mathematical solution to the key exchange problem is the \textit{Diffie-Hellman key exchange algorithm}, detailed below. \vspace{1mm} Values that are \textit{public} are known to everyone. Values that are sent are also known to everyone: we assume that everyone can see what Alice and Bob send to each other. Eve can read all public values, but she cannot change them in any way. \begin{center} \begin{tikzpicture}[scale = 0.5] \def\bx{18} \def\ex{13} \node[anchor = center] at (\ex, 7.5) {\textbf{Setup}}; \draw[-] (\ex-4.5, 7) -- (\ex+4.5, 7); \node[anchor = west] at (\ex-4, 6) {Let $p$ be a prime number}; \node[anchor = west] at (\ex-4, 5) {Let $g$ be a generator in $\mathbb{Z}_p^\times$}; \node[anchor = west] at (\ex-4, 4) {Both $g$ and $p$ are public.}; \node[anchor = center] at (4, 1.5) {\textbf{Alice}}; \draw[-] (-0.5, 1) -- (8.5, 1); \node[anchor = west] at (0, 0) {Pick a random $a \in \mathbb{Z}_p^\times$}; \node[anchor = west] at (0, -1) {Set $A = g^a$}; \node[anchor = west] at (0, -3) {Publish $A$}; \draw[->] (6, -3) -- (\ex - 1, -3); \node[anchor = west] at (0, -5) {\color{gray} Compute ...}; \node[anchor = center] at (\bx+4, 1.5) {\textbf{Bob}}; \draw[-] (\bx-0.5, 1) -- (\bx+8.5, 1); \node[anchor = west] at (\bx, 0) {Pick a random $b \in \mathbb{Z}_p^\times$}; \node[anchor = west] at (\bx, -1) {Set $B = g^b$}; \node[anchor = west] at (\bx, -4) {Publish $B$}; \draw[->] (\bx - 1, -4) -- (\ex+1, -4); \node[anchor = west] at (\bx, -5) {\color{gray} Compute ...}; \node[anchor = center] at (\ex, 1.5) {\textbf{Public}}; \draw[-] (\ex-2, 1) -- (\ex+2, 1); \node[anchor = center] at (\ex, 0) {$p, g$}; \node[fill=white, anchor = center] at (\ex, -3) {$A$}; \node[fill=white, anchor = center] at (\ex, -4) {$B$}; \end{tikzpicture} \end{center} \problem{} Complete the algorithm. What should Alice and Bob compute? \par What is their shared secret? \vfill \problem{} Let $p = 11$, $g = 2$, $a = 9$, and $b = 4$. \par Run the algorithm. What is the resultingw shared secret? \begin{solution} $g^b = 5$\par $g^a = 6$\par $g^{ab} = g^{ba} = 9$ \end{solution} \vfill \pagebreak \problem{} Is the Diffie-Hellman key exchange algorithm secure? What information does Eve have? \par What does Eve need to do to find the value Alice and Bob agreed on? \vfill \problem{} Now, say Eve can change information in transit. \par That is, she can pretend to be Alice to send information to Bob. \par How can she break this system? \par \note[Note]{This is called a \textit{man-in-the-middle} attack.} \vfill \pagebreak