Search code examples
securitydiffie-hellman

Explanation of Diffie-Hellman Key Exchange using colors?

I was checking this explanation of Diffie-Hellman algorithm using colors.

Alice and Bob want to communicate privately.

  1. A Common Color C is agreed upon by Alice and Bob.
  2. Eve knows about the C because it is communicated over the Network.
  3. Alice mixes her Private Color A to C and sends Alice's Mixture AC over the Network.
  4. Bob mixes his Private Color B to Yellow and sends Bob' Mixture BC over the Network.
  5. Alice and Bob add their own color to the other's mixture BCA = ACB. They arrive at a common, color.

However, I have the following question?

If Eve knows that the common color is C, and Alice's Mixture AC, can't she deduce Alice's secret color using AC - C? At-least in RGB color space, this is easy to calculate right?

In summary, will this algorithm work if the common color C is shared over the network?

PS: I am assuming that volume of the colors is the same as the video doesn't talk about quantity.

Solution

  • Short answer: Yes, it will work. That is kind of the whole point of this concept.

    As for that particular explanation (using paint as an example), it is just that - a simplified example to make the higher level concept understandable.

    That higher level concept is in this case, that certain known pieces of data (the known color) can be combined with private / unknown pieces of data (the two "private" colors that are added by Alice and Bob) in such a way that only the intended parties (Alice and Bob) can make use of the resulting product.

    In this simplified example, that resulting product is a secret color. In actual cryptography, the result is a secret message of some kind.

    The paint is a metaphor. You should not try to over-analyze it. If you are thinking about RGB-codes and volumes of colored liquids, I'm afraid you're missing the point.

    Addition/ update: For a slightly more technical description of the Diffie-Hellman exchange, see this answer provided at security.stackexchange.com. As an answer to this current question, I'd like to quote a comment posted below the answer in the link:

    I think it's worth mentioning that the reason this is secure is that, unlike normal log(x), the modular log(x) is thought to be hard to compute.

    That "hard to compute" part is what is alluded to with the metaphor of paint that is "hard to separate once it is mixed".