A key agreement is a protocol whereby two or more parties can agree on a secret value. The neat thing about key agreements is that they can agree on a secret value even while talking on an insecure medium (like the Internet). These protocols are called key agreement protocols because they are most often used to settle on a session key that will be used to encrypt a conversation.
The most famous key agreement protocol is
Diffie-Hellman (DH). Diffie-Hellman was originally published in 1976,
in a paper that is widely considered to be the genesis of public key
cryptography. In this section, I’ll explain the mathematics
behind the algorithm. In the next section, I’ll show how the
javax.crypto .KeyAgreement class encapsulates key
agreement algorithms like Diffie-Hellman. Here’s how it works,
mathematically, for a hypothetical exchange between Maid Marian and
First, some central authority chooses a base, g, and a modulus, p, such that g is primitive mod p. This means that for every value, b, from 1 to p - 1, there is some value, a, that satisfies ga mod p = b. The base and modulus values are used by a group of users, or perhaps as part of another standard. At any rate, they may be freely published; knowing them won’t do an attacker much good. Both Marian and Robin know g and p.
Marian randomly chooses a value, x, and computes We’ll call these values ...