About key exchange protocols and key exchange algorithms.

I have wanted to write about this for quite a while. The recent post on Reddit on a related subject, followed by this article from Mike MacCana, gives me the perfect opportunity to clarify the difference between a key exchange protocol and a key exchange algorithm.

Disclosure: I work for Symantec.

I will not cover the basics of an SSL connection here, but rather focus on a specific part of it: the handshake protocol. Just like Mike MacCana, I highly recommend that you read “The Code Book” by Simon Singh if you wish to get a deeper overview of what encryption is and why it’s such a controversial topic at the moment. Although the book was published in 1999, its content remains perfectly relevant today.

Being able to securely share a secret (and by extension, share a key for the next rounds of communications) was made possible thanks to a protocol called Diffie-Hellman. This protocol roughly corresponds to the following statement, which was found on Reddit:

You want to send a box to me without Eve getting at what’s inside. So you put a lock on it and send it to me.
Now neither Eve nor I can open it because it’s locked. I add my own lock because f*** you and your stupid lock. I send it back to you.
Now you can’t open it and it’s locked so it’s worthless, therefore you take your precious lock back and send the now worthless piece of s*** back to me.
Eve is still like “WTF?” All she has seen so far is the same box going back and forth with locks she can’t open.
So now I get the box with my lock on it and I take my lock off. Now the box is unlocked and I can take your s***.

A brilliant explanation worth 4 Reddit gold.

Now does this actually make the exchange secure? If you, me and Eve were in the same room when exchanging the box then probably yes, as you would be able to see me, and therefore recognise me and give me the box — and not give it to Eve.

On the Internet, it is a whole different story. How can I make sure no one actually intercepted your locked box when you sent it to me, added their own lock and sent it back to you? If you’re not sure you understand the issue, check this very short video.

The Diffie-Hellman (DH) protocol on its own does not guarantee a secure key exchange. It is always accompanied by a key-exchange algorithm which will authenticate at least the server, and in some cases the client wishing to connect to the server.

The first key-exchange algorithm created to address the authentication issue with the DH protocol was RSA, which is still widely used today. RSA relies on what is called a trapdoor function (also called one-way function) to create key pairs. I explained here the role of these key pairs if you wish to know more.
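The following is an added example, not code from the original post: it runs the DH exchange with and without the server authenticating its DH value, and shows that a client who skips the check ends up sharing its key with an interceptor. It assumes the server signs its DH public value with a long-term RSA key whose public half the client already trusts; all parameters and function names are constructed for illustration and are far too small or simplified for real use.

```python
import hashlib
import secrets

# Constructed toy parameters (Mersenne primes); far too small for real use.
P, G = 2**127 - 1, 3                                  # Diffie-Hellman group
RSA_P, RSA_Q, RSA_E = 2**61 - 1, 2**89 - 1, 65537
RSA_N = RSA_P * RSA_Q                                 # server's public modulus
RSA_D = pow(RSA_E, -1, (RSA_P - 1) * (RSA_Q - 1))     # server's private exponent

def dh_keypair():
    """Fresh DH key pair for one connection: (private, public)."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def digest(dh_pub):
    """SHA-256 of the DH public value, reduced into the RSA modulus."""
    h = hashlib.sha256(str(dh_pub).encode()).digest()
    return int.from_bytes(h, "big") % RSA_N

def sign(dh_pub):
    """Server signs its DH public value (textbook RSA, no padding)."""
    return pow(digest(dh_pub), RSA_D, RSA_N)

def verify(dh_pub, sig):
    """Client checks the signature with the server's known public key."""
    return pow(sig, RSA_E, RSA_N) == digest(dh_pub)

def handshake(interceptor=False, check_signature=True):
    """One exchange; returns (accepted, client_key, server_key, eve_key)."""
    c_priv, c_pub = dh_keypair()
    s_priv, s_pub = dh_keypair()
    sig = sign(s_pub)
    seen_pub, eve_key = s_pub, None
    if interceptor:
        # Only the server-to-client direction is modelled: Eve swaps in her
        # own DH value. She has no RSA private key, so the only signature
        # she can forward is the original one, which covers s_pub.
        e_priv, seen_pub = dh_keypair()
        eve_key = pow(c_pub, e_priv, P)
    if check_signature and not verify(seen_pub, sig):
        return False, None, None, eve_key     # client aborts the handshake
    return True, pow(seen_pub, c_priv, P), pow(c_pub, s_priv, P), eve_key

if __name__ == "__main__":
    print("honest, authenticated -> accepted:", handshake()[0])
    ok, ck, sk, ek = handshake(interceptor=True, check_signature=False)
    print("DH alone, intercepted -> client key == Eve's key:", ck == ek)
    print("authenticated, intercepted -> accepted:", handshake(True)[0])
```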

Another example of a key-exchange algorithm is DSA. As far as I am aware it was created and mainly used by US governments. It relies on the same key pair approach. A third and relatively new algorithm is emerging and should progressively replace RSA within the next couple of years: it is called elliptic curve digital signature algorithm (ECDSA) and it relies on elliptic curve cryptography (ECC). I have written a bit about ECC here (apologies for redirecting again to a Symantec platform; this is my very first article on Medium). I hope to write more often here going forward.

Speaking of ECC, this type of cryptography is also available for the Diffie-Hellman protocol: it is called elliptic curve Diffie–Hellman (ECDH).

You may also hear about the Ephemeral Diffie-Hellman protocol (DHE) or elliptic curve Diffie-Hellman Ephemeral (ECDHE). Both of them use a very important feature called forward secrecy: instead of using the same key pair for each new connection, they generate new, temporary key pairs every time.

Quick sum-up:

  • key exchange protocols > DH, ECDH or with forward secrecy DHE, ECDHE
  • key exchange algorithms > RSA, DSA or ECDSA

Something I haven’t mentioned until now is how the authentication is actually performed during a handshake. I explained that the key exchange protocol is always linked to a key exchange algorithm, but this is also where SSL certificates and PKI come into play. This could be the subject of another full article, so I did not want to write about it here.

I hope you found this content helpful. If you have any comments or questions, or have spotted a mistake, just let me know!