Diffie-Hellman problem

Diffie-Hellman problem

The Diffie-Hellman problem (DHP) is the name of a specific problem in cryptography which was first proposed by Whitfield Diffie and Martin Hellman. The DHP is a problem that is assumed to be difficult to do, hence the security of many cryptographic protocols reduces to the DHP. If someone were to discover an easy solution to the DHP, these cryptographic protocols would also be easily broken. Understanding the difficulty of the DHP is a very important concept in modern cryptography.

Problem description

The Diffie-Hellman problem is posed as follows: : Given an element "g" and the values of "gx" and "gy", what is the value of "gxy"?

Formally, "g" is an element of some group (typically the multiplicative group of a finite field or an elliptic curve group) and "x" and "y" are randomly chosen integers.

For example, in the Diffie-Hellman key exchange, an eavesdropper observes "gx" and "gy" exchanged as part of the protocol, and the two parties both compute the shared key "gxy". A fast means of solving the DHP would allow an eavesdropper to violate the privacy of the Diffie-Hellman key exchange and many of its variants, including ElGamal encryption.

Its difficulty

In cryptography, for certain groups, it is "assumed" that the DHP is hard, and this is often called the "Diffie-Hellman assumption". The problem has survived scrutiny for a few decades and no "easy" solution has yet been publicized.

As of 2006, the most efficient means known to solve the DHP is to solve the discrete logarithm problem (DLP), which is to find "x" given "g""x". In fact, significant progress (by den Boer, Maurer, Wolf, Boneh and Lipton) has been made towards showing that over many groups the DHP is almost as hard as the DLP. There is no proof to date that either the DHP (or the DLP) is a hard problem, except in generic groups (by Nechaev and Shoup).

Other variants

Many variants of the Diffie-Hellman problem have been considered. The most significant variant is the decisional Diffie-Hellman problem (DDHP), which is to distinguish "g""xy" from a random group element, given "g", "g""x", and "g""y". Sometimes the DHP is called the computational Diffie-Hellman problem (CDHP) to more clearly distinguish it from the DDHP. Recently groups with pairings have become popular, and in these groups the DDHP is easy, yet the DHP is still assumed to be hard. For less significant variants of the DHP see the references.

References


* B. den Boer, "Diffie-Hellman is as strong as discrete log for certain primes" in Advances in Cryptology - CRYPTO 88, Lecture Notes in Computer Science 403, Springer, p. 530, 1998.
* U. M. Maurer and S. Wolf, "Diffie-Hellman oracle" in Advances in Cryptology - CRYPTO 96, (N. Koblitz, ed.), Lecture Notes in Computer Science 1070, Springer, pp. 268-282, 1996.
* cite journal
title = The Diffie-Hellman Protocol
author = Ueli M. Maurer and Stefan Wolf
journal = Designs, Codes, and Cryptography
year = 2000
month = March
editor =
publisher = Springer-Verlag
url = http://www.springerlink.com/content/r74n758123752440/
volume = 19
issue = 2-3
pages = 141-171
accessdate = 2008-09-28

* D. Boneh and R. J. Lipton, "Algorithms for black-box fields and their application to cryptotography" in Advances in Cryptology - CRYPTO 96, (N. Koblitz, ed.), Lecture Notes in Computer Science 1070, Springer, pp. 283-297, 1996.
* A. Muzereau, N. P. Smart and F. Vercauteran, "The equivalence between the DHP and DLP for ellipti curves used in practical applications", LMS J. Comput. Math., 7, pp. 50-72, 2004. See [www.lms.ac.uk] .
* D. R. L. Brown and R. P. Gallant, , [http://eprint.iacr.org/2004/306 "The Static Diffie-Hellman Problem"] , IACR ePrint 2004/306.
* V. I. Nechaev, "Complexity of a determinate algorithm for the discrete logarithm", Mathematical Notes, 55 (2), pp. 165-172, 1994.
* V. Shoup, "Lower bounds for discrete logarithms and related problems" in Advances in Cryptology - EUROCRYPT 97, (W. Fumy, ed.), Lecture Notes in Computer Science 1233, Springer, pp. 256-266, 1997.
* cite journal
title = Variations of Diffie-Hellman problem
author = Feng Bao. Robert Deng, Huafei Zhu
journal = ICICS
year =2002
month =
editor =
publisher = Springer-Verlag
url = http://www.i2r.a-star.edu.sg/icsd/publications/Baofeng_2003_Variations%20of%20Diffie%20Hellman%20problems.pdf
volume =
issue =
pages =
accessdate = 2005-11-23

* cite journal
title = The Decision Diffie-Hellman Problem
author = Dan Boneh
journal = ANTS-III: Proceedings of the Third International Symposium on Algorithmic Number Theory
year = 1998
month =
editor =
publisher = Springer-Verlag
url = http://theory.stanford.edu/~dabo/papers/DDH.ps.gz
volume =
issue =
pages = 48–63
accessdate = 2005-11-23

* cite journal
title = The Group Diffie-Hellman Problems
author = Emmanuel Bresson and Olivier Chevassut and David Pointcheval
journal = SAC '02: Revised Papers from the 9th Annual International Workshop on Selected Areas in Cryptography
year = 2003
month =
editor =
publisher = Springer-Verlag
url = http://www.di.ens.fr/~bresson/papers/BreChePoi02b.pdf
volume =
issue =
pages = 325–338
accessdate = 2005-11-23

* cite journal
title = Breaking generalized Diffie-Hellman modulo a composite is no easier than factoring
author = Eli Biham and Dan Boneh and Omer Reingold
journal =Information Processing Letters
year = 1999
month =
editor =
publisher = Elsevier North-Holland
url = http://www.wisdom.weizmann.ac.il/~reingold/publications/CGDH.PS
volume = 70
issue = 2
pages = 83–87
accessdate = 2005-11-23 |
doi = 10.1016/S0020-0190(99)00047-2
* cite journal
title = Diffie-Hellman Key Distribution Extended to Group Communication
author = Michael Steiner and Gene Tsudik and Michael Waidner
journal = ACM Conference on Computer and Communications Security
year = 1996
month =
editor =
publisher =
url = http://citeseer.ist.psu.edu/steiner96diffiehellman.html
volume =
issue =
pages = 31–37
accessdate = 2005-11-23

* cite journal
title = New Directions in Cryptography
author = Whitfield Diffie and Martin E. Hellman
journal = IEEE Transactions on Information Theory
year = 1976
month = November
editor =
publisher =
url = http://citeseer.ist.psu.edu/diffie76new.html
volume = IT-22
issue = 6
pages = 644–654
accessdate = 2005-11-23

Wikimedia Foundation. 2010.

Игры ⚽ Нужен реферат?

Look at other dictionaries:

  • Diffie–Hellman problem — Cryptography portal The Diffie–Hellman problem (DHP) is a mathematical problem first proposed by Whitfield Diffie and Martin Hellman in the context of cryptography. The motivation for this problem is that many security systems use mathematical… …   Wikipedia

  • Decisional-Diffie-Hellman-Problem — Das Decisional Diffie Hellman Problem (kurz DDH) ist eine Variante des Computational Diffie Hellman Problems (CDH), bei dem es um die Schwierigkeit geht, zu entscheiden, ob eine Zahl eine bestimmte Form hat. Für bestimmte Gruppen wird angenommen …   Deutsch Wikipedia

  • Diffie–Hellman key exchange — (D–H)[nb 1] is a specific method of exchanging keys. It is one of the earliest practical examples of key exchange implemented within the field of cryptography. The Diffie–Hellman key exchange method allows two parties that have no prior knowledge …   Wikipedia

  • Diffie-Hellman key exchange — (D H) is a cryptographic protocol that allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt subsequent communications… …   Wikipedia

  • Diffie-Hellman — Der Diffie Hellman Schlüsselaustausch oder Diffie Hellman Merkle Schlüsselaustausch ist ein Protokoll aus dem Bereich der Kryptografie. Mit ihm erzeugen zwei Kommunikationspartner einen geheimen Schlüssel, den nur diese beiden kennen. Dieser… …   Deutsch Wikipedia

  • Diffie-Hellman-Algorithmus — Der Diffie Hellman Schlüsselaustausch oder Diffie Hellman Merkle Schlüsselaustausch ist ein Protokoll aus dem Bereich der Kryptografie. Mit ihm erzeugen zwei Kommunikationspartner einen geheimen Schlüssel, den nur diese beiden kennen. Dieser… …   Deutsch Wikipedia

  • Diffie-Hellman-Merkle-Algorithmus — Der Diffie Hellman Schlüsselaustausch oder Diffie Hellman Merkle Schlüsselaustausch ist ein Protokoll aus dem Bereich der Kryptografie. Mit ihm erzeugen zwei Kommunikationspartner einen geheimen Schlüssel, den nur diese beiden kennen. Dieser… …   Deutsch Wikipedia

  • Diffie-Hellman-Merkle-Schlüsselaustausch — Der Diffie Hellman Schlüsselaustausch oder Diffie Hellman Merkle Schlüsselaustausch ist ein Protokoll aus dem Bereich der Kryptografie. Mit ihm erzeugen zwei Kommunikationspartner einen geheimen Schlüssel, den nur diese beiden kennen. Dieser… …   Deutsch Wikipedia

  • Diffie-Hellman-Schlüsselaustausch — Der Diffie Hellman Schlüsselaustausch oder Diffie Hellman Merkle Schlüsselaustausch ist ein Protokoll aus dem Bereich der Kryptografie. Mit ihm erzeugen zwei Kommunikationspartner einen geheimen Schlüssel, den nur diese beiden kennen. Dieser… …   Deutsch Wikipedia

  • Diffie-Hellman-Schlüsseltausch — Der Diffie Hellman Schlüsselaustausch oder Diffie Hellman Merkle Schlüsselaustausch ist ein Protokoll aus dem Bereich der Kryptografie. Mit ihm erzeugen zwei Kommunikationspartner einen geheimen Schlüssel, den nur diese beiden kennen. Dieser… …   Deutsch Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”