Friday, April 30, 2021

Diffie-Hellman for the layman

Whitfield Diffie and Martin Hellman are researchers who invented a safe method to communicate a password. Their 1976 paper opens with the following:

WE STAND TODAY on the brink of a revolution in cryptography.

The development of computer controlled communication networks promises effortless and inexpensive contact between people or computers on opposite sides of the world, replacing most mail and many excursions with telecommunications. For many applications these contacts must be made secure against both eavesdropping and the injection of illegitimate messages. At present, however, the solution of security problems lags well behind other areas of communications technology. Contemporary cryptography is unable to meet the requirements, in that its use would impose such severe inconveniences on the system users, as to eliminate many of the benefits of teleprocessing.

Fast forward twenty-five years. Their method is a key component of the Signal protocol, adopted by major Instant Messenger (IM) clients such as WhatsApp and Skype. Are we done? No, because relying solely on IMs to send confidential information has downsides. First, both sides have to have the same app installed. Second, sending large files is not what IMs are designed for.

Another problem is that these apps are black boxes to users. How can one know what the app does? When WhatsApp was pressured to leave a backdoor into the encryption, it said “no” but instead agreed to log and report all dubious communication before it is encrypted. How many other IMs do it too, yet have not revealed this fact to their users?

Dissatisfied with the available options for confidential communication, I have created an alternative. I have created a simple web tool which allows for two people to agree on a password. Once they have it, they can use it to encrypt subsequent communication using a variety of existing tools.

Let’s say you want to communicate confidentially with Bob. First, both of you open my web tool. Then, you email him your exchange code and he emails you back his exchange code. You paste each other’s exchange codes into the web tool, and behold: you have generated the same random password!

Next, you verify that both of you have indeed derived the same password, and for this you use the displayed Check digits. If the digits are the same, then the passwords are also the same. (These digits are not secret. For improved security, text them instead of emailing them.)

I did not “roll” my own. My web tool relies on built-in browser support for Diffie-Hellman exchange and all cryptographic operations. This is important, because the web browser’s cryptographic facility is well tested by other web apps.
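
The exchange-code and check-digit steps described above, sketched against the browser's built-in Web Crypto API. This is an added example, not the tool's own source: the curve (P-256), the base64 exchange-code encoding, the HKDF labels and the six-digit check format are all assumptions.

```javascript
// Added illustration, not the tool's source code. The curve (P-256), base64 encoding,
// HKDF labels and 6-digit check format are assumptions made for this example.
// In a browser `crypto.subtle` is built in; the fallback is for older Node.js.
const subtle = (globalThis.crypto ?? require("node:crypto").webcrypto).subtle;
const ALG = { name: "ECDH", namedCurve: "P-256" };
const toB64 = (buf) => btoa(String.fromCharCode(...new Uint8Array(buf)));
const fromB64 = (s) => Uint8Array.from(atob(s), (c) => c.charCodeAt(0));

// Each side generates a fresh key pair. Only the public half becomes the
// exchange code; the private key is non-extractable and never leaves the page.
async function newParty() {
  const keys = await subtle.generateKey(ALG, false, ["deriveBits"]);
  const exchangeCode = toB64(await subtle.exportKey("raw", keys.publicKey));
  return { privateKey: keys.privateKey, exchangeCode };
}

// Combine our private key with the peer's pasted exchange code.
async function derive(privateKey, peerCode) {
  const peerKey = await subtle.importKey("raw", fromB64(peerCode), ALG, false, []);
  const secret = await subtle.deriveBits({ name: "ECDH", public: peerKey }, privateKey, 256);
  // HKDF with distinct labels: the public check digits cannot be turned back
  // into the password, yet both are fixed by the same shared secret.
  const ikm = await subtle.importKey("raw", secret, "HKDF", false, ["deriveBits"]);
  const expand = (label, bits) => subtle.deriveBits(
    { name: "HKDF", hash: "SHA-256", salt: new Uint8Array(32),
      info: new TextEncoder().encode(label) }, ikm, bits);
  const password = toB64(await expand("password", 192));
  const n = new DataView(await expand("check-digits", 32)).getUint32(0);
  return { password, checkDigits: String(n % 1000000).padStart(6, "0") };
}

async function demo() {
  const [alice, bob, other] = await Promise.all([newParty(), newParty(), newParty()]);
  const a = await derive(alice.privateKey, bob.exchangeCode);
  const b = await derive(bob.privateKey, alice.exchangeCode);
  // Constructed failure case: the code Bob pastes is not Alice's (replaced in transit).
  const bWrong = await derive(bob.privateKey, other.exchangeCode);
  return { a, b, bWrong };
}
```

In `demo()`, `a` and `b` agree on both password and check digits, while `bWrong` ends up with a different password; that mismatch is what comparing the check digits is meant to surface.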

Whenever you use web apps for encryption, there is a danger that the hosting web server is stealing your confidential information through JavaScript backdoors. How can you know that I am not doing the same?

First, you can download the web page and run it directly from your computer. This means that any new backdoors injected into the web page would not be reflected in your local copy. Second, the page makes no network communication after it loads. You can verify this using the browser’s built-in Network inspector. (If you do not know how to do it yourself, ask your nearest web developer to help you. It should not take more than five minutes of his time.)


