Photo by Jason Dent on Unsplash

Bob and Alice Have a Secret…

Prof Bill Buchanan OBE


Bob has a secret and Alice has the same secret. Why can’t they create a shared encryption key based on their secrets? Well, they can do this with Password Authentication Key Exchange (PAKE). So, let’s look at a simple method using discrete logs, and then we will convert it to elliptic curve methods. While discrete logs have been used in the past for Diffie-Hellman key exchange methods, we are increasing moving towards elliptic curve implementations.

SPEKE (Simple Password Exponential Key Exchange) — Discrete Logs

SPEKE (Simple Password Exponential Key Exchange) supports password-authenticated key agreement. Bob and Alice share a secret password (π) and a shared prime number (p). This password then hashed and used to determine a generator (g):

g=H(π)² (mod p)

The square function of the hash makes sure that g is a generator for the prime number p. After this, we can use a standard Diffie-Hellman type exchange. For this, Alice generates a random number a and Bob generates a random number b. Alice then sends:

A=g^a (mod p)

and Bob sends:

B=g^b (mod p)

Alice computes the shared key as:

K1=B^a(mod p)



Prof Bill Buchanan OBE

Professor of Cryptography. Serial innovator. Believer in fairness, justice & freedom. Based in Edinburgh. Old World Breaker. New World Creator. Building trust.