When Alice met Bob
by Kseniya Garaschuk
Meet Alice and Bob. They would like to share a secret with each other , but they are
under a constant watch of Eve intercepting all their communications. So, what are Alice
and Bob to do? The amazing thing is that, using prime numbers and modular arithmetic,
Alice and Bob can share their secret, right under Eve’s nose!
1
Some background - modular arithmetic
A prime number is an integer (a whole number) that has as its only factors 1 and itself.
For example, 2, 3, 5, 7, not 9, 17, 23, and 127 are prime). Modular arithmetic is basically
arithmetic on a circle – the values “wrap around”, always staying less than a fixed number
called the modulus. The 12-hour clock is an example of modulus 12. Let’s try some examples:
• You are going to bed at 10pm and want to sleep for 8 hours. When do you set your
alarm for?
(10 + 8) (mod 12) ≡ 6.
• Today is Tuesday. What day will it be 200 days from now ?
200 (mod 7) ≡ 4, so it’s 4 days after Tuesday, so it will be Saturday.
• It is 7am. What time will it be 80 hours from now?
80 (mod 12) ≡ 8. Now, (7 + 8) (mod 12) ≡ 3, so 3pm.
2
The repeated squaring method
We will soon be working with really big numbers raised to really big powers: certainly, raising
a 100-digit-long number to the power 138239, for example, will produce a ridiculously large
number. This is true, but our Alice and Bob are working modulo P and there is a shortcut
called the repeated squaring method.
Say we want to compute 529 (mod 23). It’s actually possible to do this on a simple
four-function calculator. Let’s first make a list of the repeated squares of 5 all modulo 23:
51
52
54
58
516
(mod 23) = 5
(mod 23) = 25 (mod 23) = 2
(mod 23) = 52 · 52 (mod 23) = 2 · 2 (mod 23) = 4
(mod 23) = 54 · 54 (mod 23) = 4 · 4 (mod 23) = 16
(mod 23) = 58 · 58 (mod 23) = 16 · 16 (mod 23) = 3
(Notice here that the numbers do not get bigger, they just get scrambled.)
Then, 529 (mod 23) = 516 ·58 ·54 ·51 (mod 23) = 3·16·4·5 (mod 23) = 384 (mod 23) = 17.
3
Diffie-Hellman Key Exchange Protocol
• Alice and Bob agree, publicly, on a prime number P and a base prime number N . Eve
will know these two numbers, and it won’t matter!
• Alice chooses a number A, which we’ll call her ”secret exponent.” She keeps A secret
from everyone, including Bob. Bob, likewise, chooses his ”secret exponent” B, which
he keeps secret from everyone, including Alice.
Alice
Bob
Secret key A
Secret key B
Compute N A (mod P )
Compute N B (mod P )
Receive N B (mod P )
Receive N A (mod P )
B A
Compute (N ) (mod P ) Compute (N A )B (mod P )
Key is N AB (mod P )
Challenge 1. Let’s take P = 23, N = 5. Split the students into “Alice” groups and “Bob”
groups. Give them secret keys. Give them time to try to figure it out.
Alice
Bob
Secret key 13
Secret key 15
13
Compute 5 (mod 23) = 21
Compute 515 (mod 23) = 19
Receive 19
Receive 21
15 13
13
13 15
Compute (5 ) (mod 23) = 19 = 7 Compute (5 ) (mod 23) = 2115 = 7
Key is 7
Challenge 2. Now you are all Eve. I’m Alice, passing information to Bob. Our N = 5, P =
23. I pass him 11, which is 5A (mod 23). Find my secret exponent!
Why can’t Eve break this? Isn’t there some sort of inverse process by which Eve can
recover A from N A (mod P )? Well, this is very hard, it’s called the discrete logarithm
problem. As of now, there is no fast way known to do this, especially as P gets really large.
One way for Eve to solve this is to make a table of all of the powers of N (mod P ). But,
if P is enormous (say 100 digits long), the table Eve would have to make would have more
entries in it than the number of atoms in the universe! Simply storing that table would be
impossible, not to mention searching through it to find a particular number. Thus, if P is
sufficiently large, Eve doesn’t have a good way to recover Alice and Bob’s secret.
—The end—
2