Key Agreement Protocol

Is an implementation of perfect forward secrecy where both the client and recipient contribute to the creation of a secure session key.

The general algorithm for a sender/reciever pair of Alice/Bob is:

Alice & Bob declare and share two numbers between themselves.
- A large prime number $p$ , and
- A number $g, 1 < g < p$ .
These don't need to be secret so they can be sent over an unsafe channel.
Both Alice and Bob now independently pick some random number $a$ and $b$ respectively.
Alice sends Bob $g^{a} (mod p)$
Bob sends Alice $g^{b} (mod p)$
Both Alice and Bob now calculate $S = (g^{b} \mod p)^{a} = (g^{a} \mod p)^{b} = g^{a b} \mod p$ . $S$ is the secret session key used to secure correspondences between Alice and Bob.

This algorithm is secure so long as the discrete log problem is maintained.

Vulnerabilities

This protocol is still [see page 39, vulnerable] to man in the middle attacks.