Key Agreement

A key agreement is a protocol whereby two or more parties can agree on a secret value. The neat thing about key agreements is that they can agree on a secret value even while talking on an insecure medium (like the Internet). These protocols are called key agreement protocols because they are most often used to settle on a session key that will be used to encrypt a conversation.


The most famous key agreement protocol is Diffie-Hellman (DH). Diffie-Hellman was originally published in 1976, in a paper that is widely considered to be the genesis of public key cryptography. In this section, I’ll explain the mathematics behind the algorithm. In the next section, I’ll show how the javax.crypto .KeyAgreement class encapsulates key agreement algorithms like Diffie-Hellman. Here’s how it works, mathematically, for a hypothetical exchange between Maid Marian and Robin Hood:

  1. First, some central authority chooses a base, g, and a modulus, p, such that g is primitive mod p. This means that for every value, b, from 1 to p - 1, there is some value, a, that satisfies ga mod p = b. The base and modulus values are used by a group of users, or perhaps as part of another standard. At any rate, they may be freely published; knowing them won’t do an attacker much good. Both Marian and Robin know g and p.

  2. Marian randomly chooses a value, x, and computes We’ll call these values ...

Get Java Cryptography now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.