5.6.6 Hybrid Encryption And Key Exchange
Although public-key cryptography provides strong authentication and confidentiality, it is computationally expensive for bulk data. Consequently, most modern secure-communications systems adopt a hybrid encryption approach:
- A short-term session key for a symmetric algorithm (such as AES) is generated.
- This session key is encrypted with the recipient’s public key (e.g., via RSA or ECC).
- The recipient decrypts the session key using their private key, after which both parties use the symmetric key for high-speed data encryption.
This process, known as a key-exchange protocol, ensures that a secure symmetric key can be established over an insecure channel without pre-shared secrets.
The best-known public-key key-exchange algorithm is the Diffie–Hellman (DH) protocol, introduced in 1976, which allows two parties to derive a shared secret key based on the discrete-logarithm problem rather than integer factorization. In its basic form:
- Both parties agree on a large prime number p and a primitive root g (the base).
- Each selects a private random integer ( and ) and exchanges corresponding public values: A = gamod(p) and B = gbmod(p).
- Each then computes the shared secret:
Only the participants, who know a or b, can compute K; an eavesdropper knowing only g, p, A, B cannot feasibly derive the key without solving the discrete logarithm problem. The basic Diffie–Hellman protocol provides key agreement but does not by itself provide authentication; authenticated variants are required in practice.
Elliptic-curve variants such as elliptic-curve Diffie–Hellman (ECDH) now dominate secure-session establishment in TLS 1.3 and IKEv2 VPNs, offering stronger security per bit and faster negotiation than traditional RSA or DH.
Back to reading