An Efficient and Secure Key Exchange Method: X25519 and Blake2b

Well, it all started in 1976, when Diffie and Hellman proposed the Diffie-Hellman key exchange method. And we are still using it today. The discrete log methods have been replaced by elliptic curve methods, and we have added in more authentication of the public key, but it’s still roughly the same method. For this Alice generates a, and Bob generates b, and they compute their public key values of aG and bG, respectively (and where G is the base point on the curve). When Alice receives bG, she computes a.(bG) to get abG, and Bob takes aG, and computes b.(aG) to get abG. They then have the same shared key.

So how can we speed the process up, and use secure methods? Well, one way is to use the mighty X25519 curve and the highly efficient Blake2b hashing method (created by Jean-Philippe Aumasson). For this, we can hash in the public keys of Bob and Alice, too. In the following, we pass Bob and Alice’s public key, and then compute the shared key as before (a.PKb and b.PKa) but we also hash in the public keys of Bob and Alice. For this, we take a 512-bit Blake2b hash and then take the lower 256 bits for our Rx key, and the upper 256 bits for our Tx key: