How Wheatfield Diffie helped Bob and Alice trick Eve

Many experts believe that the concept of Diffi is still the biggest step forward in the history of cryptography. In 1976, Whitfield Diffie and his co-author, Stanford professor Martin Hellman, published the scientific paper "New Directions in Cryptography". The study presented the key exchange algorithm, which is widely used today in cryptographic applications.

The problem that Diffie and Hellman managed to solve can be illustrated with the example of Alice and Bob ( archetypes in cryptography). Imagine that Alice needs to send a paper letter to Bob, but she knows that the post office employee Eva is peeping in the correspondence. To prevent this, Alice puts the letter in the iron box, closes it on the lock and sends it to Bob. But how will Bob open the box?
')


Bob was helped by Diffie and Hellman by proposing his “exponential key exchange method.” After receiving a closed box from Alice, Bob will hang another lock on it and send it back where Alice will remove her lock and send the box to Bob a second time, who will have the key this time. This simple story changed all the cryptographic axioms that existed at the time and showed how two people can transmit a secret message without exchanging keys. In practice, everything turned out to be somewhat more complicated, since the existing algorithms still require the removal of ciphers in the order in which they were applied. But the idea with the box pushed researchers to find a solution that was found using one-way functions.

The principle of operation of the Diffie-Hellman algorithm using the example of paint cans can be found in the figure below or in the Art of the Problem video clip . Alice and Bob manage to agree on a secret color, which is the key to the cipher, so that Eve (a curious post office worker) cannot receive it.



Today, an improved version of the Diffie-Hellman algorithm is used in many services, but in recent years, additional methods of one-way or two-way authentication are used to avoid MITM attacks.

In addition to a lot of research in the field of information security, Whitfield Diffie is famous for his statements, in particular about the fundamental flaws in security and control systems, which can easily turn into weapons aimed at their creators.

In his article in the journal Scientific American, Diffie wrote that police surveillance of the Internet, as opposed to more reliable protection of computers inhabiting it, can be a very unreliable and treacherous tool. For there are no guarantees that government monitoring tools can be made much safer than the computers they are designed to protect. And if so, then there is a very serious risk that controls may be compromised or used against the authorities that created and deployed them. Raging viruses on the Internet can capture not only the machines that are monitored, but also computers involved in police surveillance.

If the words did not help, the American cryptographer, who celebrated his 70th birthday last year, was always ready to demonstrate in practice his personal discontent with his modern attitude to privacy. In 2013, PopTech Diffi , like all conference participants, was given an electronic badge with security data about the owner: everyone could instantly receive information about the others. Considering this a violation of his rights, Whitfield broke his badge and sent the device into sleep mode, and then the badge began to “put to sleep" all the other nTag, which were within reach.

On May 26, Whitfield Diffie will speak at the Positive Hack Days forum organized by Positive Technologies. One of the founders of asymmetric encryption and venture fund adviser Almaz Capital Partners will hold a teleconference and during the presentation will answer the most interesting questions of the forum participants. Send your questions to phd@ptsecurity.com or leave here in the comments.