Abstract
In 1976, Whitfield Diffie and Martin Hellman published their now famous paper [38] entitled “New Directions in Cryptography.” In this paper they formulated the concept of a public key encryption system and made several groundbreaking contributions to this new field. A short time earlier, Ralph Merkle had independently isolated one of the fundamental problems and invented a public key construction for an undergraduate project in a computer science class at Berkeley, but this was little understood at the time. Merkle’s work “Secure communication over insecure channels” appeared in 1982 [83].
Notes
- 1. It is surely laudable to keep potential weapons out of the hands of one’s enemies, but many have argued, with considerable justification, that the government also had the less benign objective of preventing other governments from using communication methods secure from United States prying.
- 2. Of course, one never knows what cryptanalytic breakthroughs have been made by the scientists at the National Security Agency, since virtually all of their research is classified. The NSA is reputed to be the world’s largest single employer of Ph.D.s in mathematics. However, in contrast to the situation before the 1970s, there are now far more cryptographers employed in academia and in the business world than there are in government agencies.
- 3. The \(\mathcal{P} = \mathcal{NP}\) problem is one of the so-called Millennium Prize Problems, each of which has a $1,000,000 prize attached. See Sect. 5.7 for more on \(\mathcal{P}\) versus \(\mathcal{NP}\).
- 4. If you have studied complex analysis, you may have noticed an analogy with the complex logarithm, which is not actually well defined on \(\mathbb{C}^{\ast}\). This is due to the fact that \(e^{2\pi i} = 1\), so \(\log(z)\) is well defined only up to adding or subtracting multiples of \(2\pi i\). The complex logarithm thus defines an isomorphism from \(\mathbb{C}^{\ast}\) to the quotient group \(\mathbb{C}/2\pi i\mathbb{Z}\), analogous to (2.1).
- 5. Most public key cryptosystems require the use of random numbers in order to operate securely. The generation of random or random-looking integers is actually a delicate process. We discuss the problem of generating pseudorandom numbers in Sect. 8.2, but for now we ignore this issue and assume that Bob has no trouble generating random numbers modulo p.
- 6. We are being somewhat informal here, as is usually done when one is working with groups. Here is a more formal proof. We are given that \(a \star g_{i} = a \star g_{j}\). We use this assumption and the group law axioms to compute \(g_{i} = e\star g_{i} = (a^{-1}\star a)\star g_{i} = a^{-1}\star (a\star g_{i}) = a^{-1}\star (a\star g_{j}) = (a^{-1}\star a)\star g_{j} = e\star g_{j} = g_{j}.\)
- 7. Although we use the same word for the order of a finite group and the order of growth of a function, they are two different concepts. Make sure that you don’t confuse them.
- 8. Multiplication by \(g\) is a “baby step” and multiplication by \(u = g^{-n}\) is a “giant step,” whence the name of the algorithm.
- 9. Lagrange’s theorem (Proposition 2.13) says that the order of \(g\) divides \(17388 = 2^{2} \cdot 3^{3} \cdot 7 \cdot 23\). So we can determine the order of \(g\) by computing \(g^{n}\) for the 48 distinct divisors of 17388, although in practice there are more efficient methods.
- 10. Addition in a ring is virtually always denoted by +, but there are many different notations for multiplication. In this book we use \(a \star b\), \(a \cdot b\), or simply \(ab\), depending on the context.
- 11. For notational convenience, we drop the ⋆ for multiplication and just write \(\boldsymbol{a} \cdot \boldsymbol{b}\), or even simply \(\boldsymbol{a}\boldsymbol{b}\).
- 12. According to our definition, even if both \(\boldsymbol{a}\) and \(\boldsymbol{b}\) are 0, they have a greatest common divisor, namely 0. However, some authors prefer to leave gcd(0, 0) undefined.
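The following Python is an added example, not code from the book, and it puts notes 5, 8 and 9 into working form: rejection sampling for Bob's secret exponent (with an exact count of the skew that reducing a k-bit value modulo n would introduce instead), the order of g computed both from the 48 divisors of 17388 and by the more efficient per-prime stripping method, and Shanks's baby-step giant-step search in which multiplying by g is the baby step and multiplying by u = g^{-n} the giant step. It assumes p = 17389 (a prime with p − 1 = 17388; the footnote itself does not name the group) and uses g = 2 as an arbitrary element; these choices are assumptions, not values taken from the page.

```python
# Added example (not from the chapter): notes 5, 8 and 9 in working Python,
# over the multiplicative group (Z/pZ)^* for an assumed prime p = 17389,
# chosen only because p - 1 = 17388 is the group order quoted in note 9.
import secrets
from math import isqrt

P = 17389                                     # assumed prime, p - 1 = 17388
FACTORS_P_MINUS_1 = {2: 2, 3: 3, 7: 1, 23: 1}  # 17388 = 2^2 * 3^3 * 7 * 23


# --- note 5: random exponents -------------------------------------------------
def uniform_below(n, randbits=secrets.randbits):
    """Uniform integer in [0, n) by rejection sampling on k = bit_length(n) bits.
    The bit source is injectable so the retry path can be exercised deterministically."""
    k = n.bit_length()
    while True:
        x = randbits(k)
        if x < n:          # reject values >= n rather than reducing them mod n
            return x


def random_exponent(p):
    """Bob's secret exponent, uniform in [1, p-2], from the OS CSPRNG."""
    return 1 + uniform_below(p - 2)


def modulo_bias(k, n):
    """Exact preimage counts if a k-bit value were reduced mod n instead:
    (most, fewest) of the 2^k inputs that land on a single residue.
    Equal counts mean no skew; they differ whenever n does not divide 2^k."""
    q, r = divmod(2 ** k, n)
    return (q + 1 if r else q, q)


# --- note 9: order of g via Lagrange's theorem --------------------------------
def divisors(factors):
    """All divisors of N given its factorization {prime: exponent}."""
    divs = [1]
    for q, e in factors.items():
        divs = [d * q ** i for d in divs for i in range(e + 1)]
    return sorted(divs)


def order_by_divisors(g, p, factors):
    """The footnote's method: smallest divisor d of p - 1 with g^d = 1."""
    return next(d for d in divisors(factors) if pow(g, d, p) == 1)


def order_fast(g, p, factors):
    """A more efficient method: start from N = p - 1 and, for each prime q,
    keep dividing N by q while g^(N/q) is still 1. One exponentiation per
    prime power instead of one per divisor."""
    N = 1
    for q, e in factors.items():
        N *= q ** e
    for q in factors:
        while N % q == 0 and pow(g, N // q, p) == 1:
            N //= q
    return N


# --- note 8: baby-step giant-step ---------------------------------------------
def bsgs(g, h, p, N):
    """Solve g^x = h in (Z/pZ)^* given N >= order of g. Returns x, or None
    when h is not a power of g."""
    n = 1 + isqrt(N)
    baby = {}                     # table of g^i -> i ("baby steps": multiply by g)
    e = 1
    for i in range(n + 1):
        baby.setdefault(e, i)
        e = e * g % p
    u = pow(g, -n, p)             # "giant step": multiply by u = g^{-n}
    y = h % p
    for j in range(n + 1):
        if y in baby:             # g^i = h * g^{-jn}, hence h = g^{i + jn}
            return baby[y] + j * n
        y = y * u % p
    return None


if __name__ == "__main__":
    g = 2                                     # arbitrary element (assumption)
    N = order_fast(g, P, FACTORS_P_MINUS_1)
    a = random_exponent(P)
    h = pow(g, a, P)                          # Bob's public value
    x = bsgs(g, h, P, N)
    print(f"order(g) = {N}, bsgs recovered x = {x}, "
          f"agrees with a mod order: {(x - a) % N == 0}")
```

Passing N = order(g) to `bsgs` matches the footnote's setting; any upper bound on the order also works, at the cost of a larger table. The skew reported by `modulo_bias` is only one extra preimage per low residue, which is negligible for a single draw at this size but is exactly the kind of non-uniformity that has been exploited when the skewed value is a signature nonce, which is why `uniform_below` retries rather than reduces.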
References
W. Diffie, The first ten years of public key cryptology, G.J. Simmons (ed.), in Contemporary Cryptology (IEEE, New York, 1992), pp. 135–175
W. Diffie, M.E. Hellman, New directions in cryptography. IEEE Trans. Inf. Theory IT-22(6), 644–654 (1976)
D.S. Dummit, R.M. Foote, Abstract Algebra, 3rd edn. (Wiley, Hoboken, 2004)
T. ElGamal, A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans. Inf. Theory 31(4), 469–472 (1985)
J. Ellis, The story of non-secret encryption, 1987 (released by CESG in 1997). https://cryptocellar.web.cern.ch/cryptocellar/cesg/ellis.pdf
J. Fraleigh, A First Course in Abstract Algebra, 7th edn. (Addison-Wesley, Boston/London, 2002)
I.N. Herstein, Topics in Algebra, 2nd edn. (Xerox College Publishing, Lexington, 1975)
K. Ireland, M. Rosen, A Classical Introduction to Modern Number Theory. Volume 84 of Graduate Texts in Mathematics (Springer, New York, 1990)
D. Kahn, The Codebreakers: The Story of Secret Writing (Scribner Book, New York, 1996)
R.C. Merkle, Secure communications over insecure channels, in Secure Communications and Asymmetric Cryptosystems, ed. by G.J. Simmons. Volume 69 of AAAS Selected Symposium Series (Westview, Boulder, 1982), pp. 181–196
R.C. Merkle, M.E. Hellman, Hiding information and signatures in trapdoor knapsacks, in Secure Communications and Asymmetric Cryptosystems, ed. by G.J. Simmons. Volume 69 of AAAS Selected Symposium Series (Westview, Boulder, 1982), pp. 197–215
R.L. Rivest, A. Shamir, L. Adleman, A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2), 120–126 (1978)
A. Shamir, A polynomial-time algorithm for breaking the basic Merkle-Hellman cryptosystem. IEEE Trans. Inf. Theory 30(5), 699–704 (1984)
J.H. Silverman, A Friendly Introduction to Number Theory, 4th edn. (Pearson, Upper Saddle River, 2013)
S. Singh, The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography, Reprint edn. (Anchor, New York, 2000)
Copyright information
© 2014 Springer Science+Business Media New York
About this chapter
Cite this chapter
Hoffstein, J., Pipher, J., Silverman, J.H. (2014). Discrete Logarithms and Diffie–Hellman. In: An Introduction to Mathematical Cryptography. Undergraduate Texts in Mathematics. Springer, New York, NY. https://doi.org/10.1007/978-1-4939-1711-2_2
DOI: https://doi.org/10.1007/978-1-4939-1711-2_2
Publisher Name: Springer, New York, NY
Print ISBN: 978-1-4939-1710-5
Online ISBN: 978-1-4939-1711-2
eBook Packages: Mathematics and Statistics (R0)