Diffie–Hellman key exchange

As this week session, content, assignment touched upon Diffie–Hellman key exchange I wanted to explore how I might learn more and potentially used it as part of our assignment.


So I began pulling together a framework using excel.

As you can see in the illustration above, the math works.

Next Steps, I want to find someone in our Elk community, with whom we can go through this exercise to generate the common secret

If any one is interested, please lmk, we can do it this week.


YESSSS! It’s finally happening, I knew there was the right creativity within our fledgling community to start figuring this problem out!

This is great! Let’s try it.

I’ll use this plain-english version from https://security.stackexchange.com/questions/45963/diffie-hellman-key-exchange-in-plain-english:

  1. I come up with two prime numbers g and p and tell you what they are.

Let’s say g = 503 and p = 98764321261 for some reason.

  1. You then pick a secret number ( a ), but you don’t tell anyone. Instead you compute g^a mod p and send that result back to me. (We’ll call that A since it came from a ).

Here’s where you compute and share a value for A!

  1. I do the same thing, but we’ll call my secret number b and the computed number B . So I compute g^b mod p and send you the result (called " B ")

Done! B = (g ^ b) % p = 46659981003

  1. Now, you take the number I sent you and do the exact same operation with it . So that’s B^a mod p .

And that’s how you get our shared secret.

  1. I do the same operation with the result you sent me, so: A^b mod p .

And that’s how I get our shared secret.

Awesome! Let’s do it.

@pkrasam Let me know if you’d like to try computing your Diffie-Hellman shared “public transport” key (A), step 2) in the example above. Then after that, we’ll have our very own shared secret!!!

This is pretty cool. I could see this being used as a mechanism to generate a kind of “password” to facilitate future secure communication, e.g. symmetric encryption like AES-256 for an IoT device!

1 Like

@isso - what do you think about the idea of creating secure communication in this way for IoT?