Given how widely the internet and messaging applications are used today, how secure our access and data are, and who can reach them, matters a great deal. The ubiquitous use of technology means that a large portion of our lives is stored online, and that private information will remain potentially vulnerable for decades to come. If one is living within the law and has nothing to hide, this may not seem to be of any concern. That, however, is to downplay the potential of cybercrime. In 2017, there were 175,000 cases of identity fraud reported in the UK, as per Fraudscape. The National Crime Agency classifies local cybercriminals as a “rising threat”, and warns that with the continued growth of the Internet of Things “the race between hackers’ and defenders’ capabilities will increase in pace and intensity.” Progress in artificial intelligence methods for voice and video simulation (deepfakes) is raising concern about a new source of cybercrime, with a whole new level of deception made possible. A cybercriminal could use video call data to craft a convincing fake of the victim’s loved one, and simulate a distressed call from abroad asking for a money transfer.

In cybersecurity, we cannot speak of vulnerabilities in a general way, but only in reference to specific components that make up a network protocol. For those unfamiliar with the term, a protocol is the set of rules governing how data is transmitted between network devices, and, for a security protocol, how it is protected along the way. In this article, we will look at public key exchange, an important part of numerous protocols and a key aspect of internet security, as well as some of its corresponding vulnerabilities.

Fundamentally, the objective of encryption is to provide a secure means of communication over an insecure channel. If you are communicating with a friend over a messaging service, then you are sending private data over a shared network. To be safe from eavesdropping, the data needs to be made illegible to prying eyes. The only other solution is to set up a specialized connection, either by installing separate fiber optic cables (impractical to say the least!) or by opting for a very expensive “leased line” from an internet service provider, which makes practical sense only for large businesses.

In order for two people to communicate securely over an insecure channel, there needs to be a key to decipher the encrypted information. The key is what the mathematical transformations use to encrypt the information before it is transmitted and to decrypt it afterwards. For this to be possible, however, there must be a preliminary agreement on this secret key, and in practice this means it would have to be exchanged via another secure channel, such as a courier. This creates obvious practical difficulties that make pre-shared secret keys an ineffective solution in most cases. At first glance, it may seem unclear how to get around this problem. If the two people don’t have an agreed secret key, how can they communicate secretly? How can the party on the receiving end decrypt the encrypted information?

The trick lies in some clever mathematics. One of the beautiful things about mathematics is that we can design objects that are purely conceptual but nonetheless completely real, in that we can rely on them to solve real-world problems. Without getting into formal and technical definitions, we can design an encryption/decryption pair that is easy to calculate from an initial number, but where reversing the encryption is too computationally costly (requiring too much computing time). In other words, the decryption cannot feasibly be inferred from the encryption, even though specific encryption/decryption pairs can be calculated.

The reason the logical twist described above is important is that it allows the two parties to conduct an initial mutual calculation with a pair of numbers each, one private and the other public. Each person therefore has both a secret and a public number. From these numbers, via unique mathematical relationships, they can together compute a number that will be known only to them. The hurdle initially described has been overcome: the two parties now share a secret key without having sent it over another channel.
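The calculation just described, as an added example that is not part of the original article: each party keeps a private number, publishes a public number derived from it, and combines its own private number with the other side's public number to reach the same shared value. The prime `P = 23` and generator `G = 5` are constructed toy parameters for illustration only; a real deployment uses a prime thousands of bits long. The range check on a received public value is a defensive habit of the author's choosing, not something the article specifies.

```python
import secrets

# Constructed toy parameters, chosen so the arithmetic can be followed by hand.
# Real deployments use primes of 2048 bits or more, never numbers this small.
P = 23  # a prime; the group is the non-zero integers modulo 23
G = 5   # a generator: its powers mod 23 run through every non-zero residue


def private_key(p=P):
    """Pick a random private number in 1..p-2 (kept secret by its owner)."""
    return secrets.randbelow(p - 2) + 1


def public_key(priv, p=P, g=G):
    """The public number is g raised to the private number, reduced mod p."""
    return pow(g, priv, p)


def validate_public_value(pub, p=P):
    """Reject degenerate public values (0, 1, p-1) that would collapse the
    shared secret to a trivial value. Assumed check, not from the article."""
    if not 1 < pub < p - 1:
        raise ValueError("public value outside the valid range")
    return pub


def shared_secret(priv, other_pub, p=P):
    """Combine my private number with the other party's public number."""
    return pow(validate_public_value(other_pub, p), priv, p)


def run_exchange(a_priv, b_priv, p=P, g=G):
    """Simulate both sides of the exchange and return what each side computed.

    Only a_pub and b_pub cross the insecure channel; a_priv and b_priv never do.
    """
    a_pub = public_key(a_priv, p, g)   # Alice publishes this
    b_pub = public_key(b_priv, p, g)   # Bob publishes this
    k_alice = shared_secret(a_priv, b_pub, p)  # Alice: (g^b)^a mod p
    k_bob = shared_secret(b_priv, a_pub, p)    # Bob:   (g^a)^b mod p
    return a_pub, b_pub, k_alice, k_bob


if __name__ == "__main__":
    a, b = private_key(), private_key()
    a_pub, b_pub, k1, k2 = run_exchange(a, b)
    print(f"Alice sends {a_pub}, Bob sends {b_pub}; both derive {k1 == k2 and k1}")
```

Both sides arrive at the same value because (g^a)^b and (g^b)^a are equal modulo p, while an eavesdropper who sees only g^a and g^b has to recover a or b to reach it. Note that nothing in the exchange tells Alice that the public number she received really came from Bob; that gap is what the next section's attack exploits.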

The first instance of this method was published in 1976 and is called Diffie-Hellman key exchange. It is used in a variety of security applications and is available in cryptographic libraries such as OpenSSL. The obvious vulnerability at first glance is that if an attacker can intercept the exchange of numbers, they can act as an intermediary by presenting themselves as the other party. If Alice and Bob are the communicating parties and Eve is the attacker, Eve can represent herself as Bob to Alice and as Alice to Bob, and will therefore have intercepted the secret key and can read all communications between Alice and Bob. This is called a “**man in the middle**” attack.

The other, less obvious vulnerability, called **Logjam**, was exposed by a team of computer scientists in 2015. Note carefully that we previously said that with our specially chosen pairs, it was too *costly* to infer the decryption from the encryption. The key question here is *too costly for whom*? The Logjam discovery revealed that it would cost hundreds of millions of dollars to calculate the special mathematical relationships for even one number. In the past, it was assumed that even for one number the calculation was too costly, and therefore the encryption was safe. *As a result, the same numbers were frequently recycled!* The issue is that for a large intelligence agency, several hundred million dollars is not an impossible sum, and the authors concluded that doing such a massive computation for even two numbers would give them access to a large portion of secure communications. This hypothesis was consistent with NSA leaks regarding VPN attacks, suggesting that such a computation could have been made.
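To make "too costly for whom" concrete, here is an added example that is not part of the original article. It measures the work needed to reverse a public number in a toy group by exhaustive search, and shows how that work grows with the size of the prime; a defender's check on the size of a group then follows. The primes used are constructed for illustration; the 2048-bit minimum in `group_is_large_enough` is the figure the Logjam researchers recommended, and the check is a deliberately simplified stand-in (it looks only at the bit length, not at whether the prime is well-formed or widely shared).

```python
def reverse_by_search(target, g, p):
    """Find x with g^x == target (mod p) by trying every exponent in turn.

    Returns (x, steps): the exponent recovered and how many multiplications
    it took. This is the most naive way to undo the one-way calculation, and
    its cost is roughly proportional to p, so every extra bit of p doubles it.
    """
    acc = 1
    for x in range(p):
        if acc == target:
            return x, x
        acc = acc * g % p
    return None, p


def work_factor_by_prime_size(primes, g=5):
    """For each constructed prime, report bits and the worst-case search cost."""
    return [(p.bit_length(), p) for p in primes]


def group_is_large_enough(p, min_bits=2048):
    """Defender's check: refuse to use a Diffie-Hellman prime below min_bits.

    2048 bits is the minimum the Logjam researchers recommended (assumption
    stated in the lead-in). Real tooling also checks that p is a safe prime.
    """
    return p.bit_length() >= min_bits


if __name__ == "__main__":
    # Constructed toy group: a 5-bit prime. An attacker sees only g^a mod p.
    p, g, a = 23, 5, 6
    a_pub = pow(g, a, p)                      # 8, the value sent in the clear
    recovered, steps = reverse_by_search(a_pub, g, p)
    print(f"{a_pub} = {g}^{recovered} mod {p}, found after {steps} steps")

    # Larger constructed primes: the search space doubles with every bit.
    for bits, prime in work_factor_by_prime_size([23, 251, 65521]):
        print(f"{bits:>3}-bit prime: up to {prime} steps")

    print("23 acceptable?", group_is_large_enough(23))
    print("2048-bit prime acceptable?", group_is_large_enough((1 << 2047) + 1))
```

Exhaustive search is hopeless well before 2048 bits, and the real Logjam computation used far cleverer mathematics than this loop. The point the example makes is the one the article makes: "too costly" is a statement about the size of the number and the budget of the adversary, not an absolute, and reusing one modest-sized prime everywhere lets a single expensive precomputation pay for itself many times over.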