david wong

Hey! I'm David, cofounder of zkSecurity and the author of the Real-World Cryptography book. I was previously a crypto architect at O(1) Labs (working on the Mina cryptocurrency), before that I was the security lead for Diem (formerly Libra) at Novi (Facebook), and a security consultant for the Cryptography Services of NCC Group. This is my blog about cryptography and security and other related topics that I find interesting.

What's a key exchange? posted March 2020

book

I've been writing about cryptography for a book for a year now, and it has brought me some interesting challenges. One of them is that I constantly have to throw away what I've learned a long time ago, and imagine what it feels like not to know about a concept.

For example what are key exchanges?

The most intuitive explanation that I knew of (up until recently) was the one given by the wikipedia page on key exchanges. You might already know about it (unless you're reading this post to learn about key exchanges). It's a picture that involves paint. Take a look at it, but don't try to understand what is going on if you don't know about key exchanges yet. You can come back to it later.

wikipedia

I thought this was great. At least until I tried to explain key exchanges to my friends using this analogy. Nobody got it.

Nobody.

The other problem was that I couldn't use colors to explain anything in my book, as it'll be printed in black & white.

So I sat on the sad realization that I didn't have a great explanation for key exchanges, this for a number of months, and that until a more intuitive idea came to my mind.

soda

The idea goes like this. Imagine that Alice and Bob wants to share a secret, but are afraid that someone is intercepting their communications. What they do is that they go to the store and buy the same bottle of generic soda.

Once home, they both start a random timer and shake their respective bottles until their timer end.

shaking

What they obtain are some shaked, pressurized, ready to gush out bottles of sodas. Each of the bottles will release a different amount of pressure.

After that, they swap bottles. Now Alice has the bottle of Bob, and Bob has Alice's bottle.

swap

What do they do now? They restart their timers and shake the other person's bottle for the same amount of time.

Shake shake shake!

shake again

What do they finally obtain? Try to guess.

If I did my job correctly, then I gave you an intuition of how key exchanges work. Both Alice and Bob should now have two bottle of sodas that will release the same pressure once opened. And that's the secret!

And even if I steal the two bottles, I can't get a bottle that combines both bottles' pressure.

I recap the whole flow in the picture below:

final

Did you know about key exchanges before? Did you get it? Or did you think the painting example made more sense?

Please tell me in the comment!

This is probably what I'll include in my book as an introduction of what key exchanges are, unless I find a better way to explain it :)

Well done! You've reached the end of my post. Now you can leave a comment or read something else.

Comments

Dan

I like it! Simpler and still makes the point perfectly.

Any ETA on the book? This summer maybe? Looking forward to it.

Lisa

awesome?great job!!!

david

Dan: probably end of year for the print version, you can already read half of the book online though : o

Dave

David, I think the problem of trying to explain DH Key Exchange is the terminology used; in particular "Exchange", which people envision as swapping something between themselves. My take is it's more like "Co-creating a secret key that neither of us knew beforehand", and adding (and that eavesdroppers can't also create). When explained like this, the "brown" at the end makes more sense. Neither party started with brown, they co-created it.

leave a comment...