What is the Elliptic-curve Diffie-Hellman algorithm?

Elliptic-curve Diffie-Hellman (ECDH) is a key agreement algorithm that allows users to calculate a secret key using the public-private key pair and the generator point on the elliptic curve being used. This secret key allows both parties to communicate securely over an insecure channelInsecure channels allows a third party to eavesdrop and modify the messages being shared between two users via the channel..

ECDH is a variant of the Diffe-Hellman algorithm that is based on elliptic curves. It is very similar to the classical Diffie-Hellman algorithm being used to exchange keys securely. ECDH, instead of doing exponential of keys like Diffe-Hellman, uses elliptic curve cryptography multiplication to calculate the keys.

Working of ECDH

ECDH performs the key agreement process in two steps, key generation, and secret key calculation explained below.

Key generation

The process of generation of two keys, private and public, is as follows:

Private key

The private key is a randomly selected number $n,$ where $n$ is in the interval 1 to $n_o$- 1, where $n_o$ is the order of the subgroup of the elliptic curve points, generated by the generator pointStarting point of the elliptic curve defined according to the standard being used. $G$.

Public key

The public key is given as $P = nG$, where $n$ is the private key selected randomly above, $G$ is the generator point of the elliptic curve, and $P$ is the public key. $P$ is calculated after performing point doublingWhen only one point is provided on the elliptic curve, a straight line can not be drawn, so a tangent is drawn at the point provided. The point where that tangent intersects the curve again is mirrored horizontally to get another point. and point additionGiven that two points are provided on the elliptic curve, a straight line is drawn passing through those points. The point where that straight line intersects the curve for the 3rd and the final time is mirrored horizontally to get the next point. operations on the point $G$, $n$ number of times. The process of multiplication is basically a repeated addition operation on the generator point $G,$ $n$ number of times.

This process is repeated twice as there are two users involved in a communication, and they both require a set of public and private keys. The private key is kept secret by the user who generated it and not shared with anyone. However, the public key along with $G$, $a$, and $b$ are sent openly to other users, where $a$ and $b$ represent the constants in the equation of the underlying elliptic curve given in the Weierstrass short form below.

Secret key calculation

The secret key is calculated by both the users using the publicly available information of the other user and their own private keys. The secret key is calculated by user A by using this equation.

Where $n_a$ is the private key of user A, and $P_b$ is the public key of user B. As calculated above that the public key of user B is equal to $P_b = n_bG$, and the value of $P_b$ can be replaced with its value in the equation above.

User B also performs the same steps to calculate the secret key by using this equation.

Where $n_b$ is the private key of user B, and $P_a$ is the public key of user A. As calculated above that the public key of user A is equal to $P_a = n_aG$, and the value of $P_a$ can be replaced with its value in the equation above.

If we simplify the secret keys calculated by both the users, we can see that they are equal.

This secret key was calculated and agreed upon by both users following the ECDH algorithm. The calculation of the secret completed the key agreement process.