**EC Cryptography Tutorials - Herong's Tutorial Examples** - v1.02, by Dr. Herong Yang

What Is ECDH Key Exchange

This section introduces what is ECDH Key Exchange - a protocol that uses the Elliptic Curve group property to establish a shared secret key without sending it directly to each other.

**What Is ECDH Key Exchange?**
ECDH (Elliptic Curve Diffie-Hellman) Key Exchange is a protocol
that uses the Elliptic Curve group property to establish a shared
secret key without sending it directly to each other.

The Wikipedia description of ECDH Key Exchange is: "Elliptic-curve Diffie-Hellman (ECDH) is an anonymous key agreement protocol that allows two parties, each having an elliptic-curve public-private key pair, to establish a shared secret over an insecure channel."

Here are the steps used by Alice and Bob to establish a shared secret key using the ECDH Key Exchange protocol:

1. Shared Domain Parameters - Alice and Bob shares an identical elliptic curve subgroup defined by a set of domain parameters: (p,a,b,G,n,h):

p: The modulo used to specify the reduced elliptic curve group. a: The first coefficient of the elliptic curve. b: The second coefficient of the elliptic curve. G: The generator (base point) of the subgroup. n: The order of the subgroup. h: The cofactor of the subgroup.

2. Alice generates a private and public key pair:
d_{A} and Q_{A} = d_{A}*G.
the scalar multiplication with the generator, Q_{A} = d_{A}*G, to Bob.

3. Bob generates a private and public key pair:
d_{B} and Q_{B} = d_{B}*G.

4. Alice and Bob exchange their public keys: Q_{A} and Q_{B}.

5. Alice computes another scalar multiplication,
S_{A} = d_{A}*Q_{B} and
derives a shared secret key with a shared function, s_{A} = f(S_{A}).

6. Bob computes another scalar multiplication,
S_{B} = d_{B}*Q_{A} and
derives a shared secret key with a shared function, s_{B} = f(S_{B}).

7. Alice can now use s_{A} to encrypt any message and
send the encrypted version to Bob.

8. Bob can use s_{B} to decrypt the encrypted message.

We can easily proof that:

s_{A}= s_{B}, because s_{A}= f(d_{A}*Q_{B}) = f(d_{A}*(d_{B}*G)) = f(d_{B}*(d_{A}*G)) = f(d_{A}*Q_{B}) = s_{B}

One commonly used shared function f(P) is to take x-coordinate of the point P:

If P = (x,y), then f(P) = x

Based on the above steps, we can say that ECDH (Elliptic Curve Diffie-Hellman) Key Exchange protocol is to perform a scalar multiplication of one's own EC private key and other's EC public key to obtain the common shared secret key.

Table of Contents

Geometric Introduction to Elliptic Curves

Algebraic Introduction to Elliptic Curves

Abelian Group and Elliptic Curves

Discrete Logarithm Problem (DLP)

Generators and Cyclic Subgroups

tinyec - Python Library for ECC

►ECDH (Elliptic Curve Diffie-Hellman) Key Exchange

ECDSA (Elliptic Curve Digital Signature Algorithm)