# Encrypted Key Exchange (EKE) – Discrete Logs and Elliptic Curve methods

### In this video, Professor Bill Buchanan OBE Blockpass ID lab talks about the encrypted key exchange (EKE).

He will be covering both discrete logs and elliptic curve methods. At 2:20, the speaker briefs that the encrypted key exchange method would involve a combination of asymmetric or public key, or secret key. It is important to remember that the public key encryption method uses a pair of related key values.

These related keys – values should then be fed into some kind of algorithm or a mathematical formula. This is done in order to decrypt an encrypted message where one of which is known by all the parties involved in the communication while the other is kept secret. It is to note that in the secret key encryption process, a single key is used to encrypt as well as decrypt messages.

## Working of Encrypted Key Exchange

At 4:18, the speaker states that a secret key or a password is derived from a specific party’s key and from the other party’s private key. He reiterates that the shared key will then be used to encrypt all the subsequent communication between the parties. These parties will most probably not have much knowledge of each other. Both the public and private key pairs can be generated often, again and again in order to maintain security. At 7:40, the speaker begins to explain the concept of Conference Keying – Discrete logs.

Initially, Bob and Alice will agree on a password. They will then generate an encryption key from a hash of the password. The hash of the password is indicated by P. Let’s consider Alice to initially create a secret value (a). Then we will need to compute g to the power of a(mod p). This result obtained after computation will then be encrypted with the P key. Bob will then receive this encrypted information. He can then recover by computing g to the power of a(mod p). Here, it is important to note that Bob then creates a random value b and then computes a new key.

This new key generated is encrypted with the P key. This step is then followed by creating a new challenge (c1). The challenge (C1) is then encrypted with the new key. Now, these two values are sent to Alice. This information can then be decrypted in order to recover the challenge (c1). Alice can now create her own challenge (c2) and get that appended to c1 with a new key.

Bob can then finally decrypt and recover the value of both the challenges (c1 and c2). At 9:02, the speaker mentions that the Encrypted Key Exchange (EKE), created by Steven M. Bellovin and Michael Merritt, uses a shared password mechanism to encrypt the Diffie-Hellman key exchange. With EKE, an initial encryption key is generated from the shared password.

This is then used to generate a session key through the process of encrypted Diffie-Hellman handshaking process. We can use a discrete logarithmic method or the Elliptic curve method to pass the shared key.

## Effectiveness and limitations of Encrypted Key Exchange

At 13:23, the speaker talks about the effectiveness of the Encrypted Key Exchange (EXE) method. This method is known for its level of protection against active attacks. This method would provide protection in situations where an attacker tries to guess the password or during other types of attacks. The other type of attacks can include dictionary attacks where a person tries out all the available combinations of secret keys in a very small set of values.

There are some limitations with the Encrypted Key Exchange method. This method compulsorily required that the parties involved in the communication store the shared password in an unencrypted manner. This is often referred to as cleartext.

A trusted third-party key distribution center is also required here. In the enhanced version of encrypted key exchange, there will not be any requirement for the passwords to be compulsorily stored in an unencrypted manner.

At 15:02 Bill states that the major motivation behind the creation of EKE was to resolve the issue of authenticating a user to a host. The most popular and interesting application of EKE is a secure public phone. EKE allows the use of a short, keypad-entered passcode. It allows a much longer session key for the call. EKE has the ability to protect against attack by rendering a phone useless as if a PIN has not been entered. From a more generic perspective, EKE works as a privacy amplifier.

It can be used to enhance the weak symmetric and also the asymmetric systems in cases where they are used together. In this video, the professor clearly explains how Encrypted Key Exchange functions, the motivation behind this method, its usage and its applications along with its limitations.