Cryptographic algorithm
Last updated
Last updated
In DMTP messages encryption model, two core algorithms; Diffie-Hellman key exchange and AES are used. We provide you a brief overview of each of them and hope it can help you to understand more about DMTP E2EE mechanism.
The Elliptic Curve Diffie-Hellman algorithm is a cryptographic protocol that allows two parties to establish a shared secret key over an insecure channel. This is useful for encrypting communications between the two parties, so that the messages cannot be intercepted and read by anyone else.
Here's a brief overview of how the ECDH algorithm works:
Both parties agree on an elliptic curve to use, as well as a point on the curve that serves as a generator. This information is made public.
Each party generates a private key, which is a randomly chosen integer. The private key is kept secret and is not shared with anyone.
Using their private key and the agreed-upon generator point, each party calculates their public key, which is a point on the curve. The public key is shared with the other party.
Using their own private key and the other party's public key, each party calculates a shared secret point on the curve. This point is the same for both parties, but it cannot be determined by anyone who does not know the private keys.
The shared secret point can then be used as a symmetric key to encrypt and decrypt messages between the two parties.
In summary, the ECDH algorithm allows two parties to establish a shared secret key in a way that ensures that the key cannot be determined by anyone who does not possess the private keys. The diagram you are referring to is likely showing the different steps involved in this proces
Advanced Encryption Standard (AES) is a widely-used symmetric encryption algorithm that uses a fixed-length block cipher to encrypt and decrypt data. It is considered to be very secure and efficient, and is the standard encryption algorithm used by the U.S. government for classified information.
AES works by taking plaintext data and a secret key as inputs, and then applying a series of mathematical operations to the data, known as rounds, to produce the encrypted output, or ciphertext. The number of rounds used in the encryption process depends on the length of the secret key, with longer keys requiring more rounds to produce the same level of security.
The encryption process can be broken down into several steps:
The plaintext data is divided into fixed-length blocks, typically 128 bits in length.
The secret key is expanded to create a key schedule, which is a set of derived keys that will be used in the encryption process.
The plaintext block is then combined with the first derived key using a bitwise XOR operation, and the resulting value is passed through a series of rounds, each of which applies a set of mathematical operations to the data.
At the end of the rounds, the final value is combined with the last derived key using a bitwise XOR operation to produce the ciphertext block.
The decryption process is similar to the encryption process, but uses the key schedule in reverse order and applies the inverse of the mathematical operations used in the rounds. This allows the ciphertext to be transformed back into the original plaintext.
AES is widely used because it is considered to be very secure and efficient. The encryption process is resistant to attacks and the key schedule allows the use of long keys, which makes the ciphertext difficult to break even with powerful computers. Additionally, the fixed-block size allows for fast and efficient encryption and decryption of data.