Did you ever think that how your TCP/IP connection is secured? TCP/IP connection requires sync and acknowledgment sending data between server to the client also known as a handshake.
Communication between two computers in TCP/IP connection needs to be secured when it comes to sensitive private data. Only the sender and receiver should decipher the data with a shared key. So this is the kinda idea.
To secure the HTTP connection we came with the idea of an SSL/TLS connection. SSL/TLS connection uses encryption methods to secure the connection. So far we use two types of encryption, symmetric and asymmetric encryption. symmetric encryption uses a strong block cipher to encrypt and decrypt data. On the other hand, asymmetric encryption uses public and private key methods to secure connection. Sounds confusing right? if your key is public how can it ensure privacy!
Relax! Don't panic. A public key is essential by which you can cipher the message and broadcast it with a public key, you can decipher the message if you only have the private key and it kept secret. So it's like the two sides locked door. You may have the public key but can't open the door if it's locked inside with private key! Interesting right? more then 52% of websites today use public-key methods to secure connection. but whats the underlining maths or engineering behind it?
Suppose Alal and Dulal are brothers. they want to share there location information secrecy so their father can't find them. let's see whats they can do with Diffie-helmen,
Step 1: Alal, Dulal agrees to share a share public key pair (G,p), where G = 9, p = 23.
const power = 23;
const generator = 9;
step 2: Alal's Private key a = 4. And Dulal's private key b=3
const alals_private = 4;
const dulals_private = 3;
step 3: Alal and dulal compute public values using
alals_public =(9^4 mod 23) = (6561 mod 23) = 6
dulals_public = (9^3 mod 23) = (729 mod 23) = 16
const alals_shared_public = secretGenerator(generator,alals_private,power);
const dulals_shared_public = secretGenerator(generator,dulals_private,power);
step 4: Alal and Dulal exchange public numbers
step 5: Alal receives public key 16 and
Dulal receives public key 6
Step 6: Alal Dulal decipher the key with their private key
Alal: ka = 16^4 mod 23 = 65536 mod 23 = 9
Dulal: kb = 6^3 mod p = 216 mod 23 = 9
const shared_secret_of_alal = secretGenerator(dulals_shared_public,alals_private,power);
const shared_secret_of_dulal = secretGenerator(alals_shared_public,dulals_private,power);
finally, they got there shared secret 9!
completed code can be found here :
function secretGenerator(generator,power,mod_number){
return power === 1 ? generator : Math.pow(generator,power)%mod_number ;
}
(function DH(){
const power = 23;
const generator = 9;
const alals_private = 4;
const dulals_private = 3;
const alals_shared_public = secretGenerator(generator,alals_private,power);
const dulals_shared_public = secretGenerator(generator,dulals_private,power);
const shared_secret_of_alal = secretGenerator(dulals_shared_public,alals_private,power);
const shared_secret_of_dulal = secretGenerator(alals_shared_public,dulals_private,power);
console.log(shared_secret_of_alal,shared_secret_of_dulal);
})();
So the final thought is if you have the public keys G and P and the shared public key's you can't decipher the secret because you don't have the private key a and b. And for a large number, this logarithmic calculation is computationally costly.
Top comments (0)