Key Agreement Protocol
- Tags
- security networking
Is an implementation of perfect forward secrecy where both the client and recipient contribute to the creation of a secure session key.
The general algorithm for a sender/reciever pair of Alice/Bob is:
Alice & Bob declare and share two numbers between themselves.
- A large prime number
, and - A number
.
These don't need to be secret so they can be sent over an unsafe channel.
- A large prime number
Both Alice and Bob now independently pick some random number
and respectively.Alice sends Bob
Bob sends Alice
Both Alice and Bob now calculate
. is the secret session key used to secure correspondences between Alice and Bob.
This algorithm is secure so long as the discrete log problem is maintained.
Vulnerabilities
This protocol is still [see page 39, vulnerable] to man in the middle attacks.