Diffie-Hellman for the Layman

Whitfield Diffie and Martin Hellman are researchers who invented a safe method to communicate a password. Their 1976 paper opens with the following:

WE STAND TODAY on the brink of a revolution in cryptography.

The development of computer controlled communication networks promises effortless and inexpensive contact between people or computers on opposite sides of the world, replacing most mail and many excursions with telecommunications. For many applications these contacts must be made secure against both eavesdropping and the injection of illegitimate messages. At present, however, the solution of security problems lags well behind other areas of communications technology. Contemporary cryptography is unable to meet the requirements, in that its use would impose such severe inconveniences on the system users, as to eliminate many of the benefits of teleprocessing.

Fast forward forty five years. Their method is a key component of the Signal protocol, adopted by major Instant Messenger (IM) clients such as WhatsApp and Skype. Are we done? No, because relying solely on IMs to send confidential information has downsides. First, both sides have to have the same app installed. Second, sending large files is not what IMs are designed for.

Another problem is that these apps are black boxes to users. How can one know what the app does? When WhatsApp was pressured to leave a backdoor into the encryption, it said “no” but instead agreed to log and report dubious communication before it is encrypted. How many other IMs do it too, yet have not revealed this fact to their users?

Dissatisfied with the available options for confidential communication, I have created an alternative. I have created a simple web tool which allows for two people to agree on a password. Once they have it, they can use it to encrypt subsequent communication using a variety of existing tools.

Let’s say you want to communicate confidentially with Bob. First, both of you open my web tool. Then, you email him your exchange code and he emails you back his exchange code. You paste each other’s exchange codes into the web tool, and behold: you have generated the same random password!

Next, you verify that both of you have indeed derived the same password, and for this you use the displayed Check digits. If the digits are the same, then the passwords are also the same. (These digits are not secret. For improved security, text them instead of emailing them.)

Here’s a video that demonstrates the process:

I did not “roll” my own. My web tool relies on built-in browser support for Diffie-Hellman exchange and all cryptographic operations. This is important, because web browser’s cryptographic facility is well tested by other web apps.

Whenever you use web apps for encryption, there is a danger that the hosting web server is stealing your confidential information through JavaScript backdoors. How can you know that I am not doing the same?

First, you can download the web page and run it directly from your computer. This means that any new backdoors injected into the web page would not be reflected in your local copy. Second, the page makes no network communication after it loads. You can verify this using browser’s built-in Network inspector. (If you do not know how to do it yourself, ask your nearest web developer to help you. It should not take more than five minutes of his time.)

Once you have derived a shared password, what do you do with it? You can either use it for signing-in or for encryption. There are situations in which you and Bob want to access the same online account and both of you need to know the same password. In this case you don’t need to use a 44-character derived password, since that would be an overkill. Use the first 15 characters of it instead, which would give a sufficiently strong password. However, for encryption, the longer 44-character password is necessary because it is used to form an encryption key which must be long.

If you need to encrypt only a textual message, you can use the Encrypt Messages form on my page. Use it to send credit card numbers, social security numbers, existing passwords, and API keys. (Use it to send Bitcoin addresses for greater anonymity.) Once you have encrypted a short message, you can copy-paste the encrypted message into an email to Bob. Bob will then use the Decrypt Message form to decrypt it.

Similarly if you need to encrypt a few files, you can use the Encrypt Files form on my page. Each encrypted file will have “-encrypted” added to its file extension. For instance the file passport.jpeg would become passport.jpeg-encrypted. You would email this file to Bob, and he would have to use the Decrypt File form on my page to decrypt it.

The encryption tool also allows to encrypt entire folders. A folder “legal” would be encrypted into legal.encrypted and decrypted back into legal.zip for a one-click download.

I have set a 512 MB size limit per file or folder. For other file encryption needs use file archiving software that supports strong encryption, and use the password that you have derived with Bob to lock the archive. Choose an archiving format that Bob can easily open without installing additional software. For instance, if both of you are Mac users, send him an encrypted DMG archive. If both of you are Windows users, use BitLocker.

My web tool will tell you Bob’s operating system, and this will help you to decide which software to use. (The type of his OS is included in the exchange code that he sent you.)

Knowing Bob’s OS helps decide whether to use BitLocker, DMG, or 7-zip archive

Let’s assume that both you and Bob are Mac users. In order to create an encrypted DMG archive, open the Disk Utility app and go to the menu option “File : New Image : Blank Image.” In the popup that opens fill the name of the file, set its size and choose AES-256 encryption from the drop down. In the password prompt fill the long password that you have derived with Bob.

Creating a new .dmg archive
Resulting archive

When you click on the created DMG archive, Mac will ask you for the password which you have set. It will then mount it and you can add files to it. Once you are done filling it, unmount it and email it to Bob.

Placing a confidential passport photo into the archive

If you prefer typing commands in the Terminal, here are commands to archive a folder named “legal.” You will be prompted for the password.

# encrypt
hdiutil create -encryption -stdinpass -srcfolder legal legal.dmg
# decrypt
hdiutil attach -stdinpass legal.dmg

If you need to enlarge a DMG archive to fit more files inside it, use Disk Utility app to resize it.

What can you do if you don’t use the same Operating System as Bob? If you are a computer savvy power user, but Bob is not, I suggested that you create an archive in a format that he can easily open. Let’s say that you have a Mac and he has Windows. If you have Windows running in a Virtual Machine (VM), create a BitLocker archive using it for Bob. Otherwise, install BitLocker software for Mac, such as the $20 BitLocker Anywhere For Mac by Hasleo, and create a BitLocker archive.

Conversely, if you are a Windows user but Bob is a Mac user, then you can create a Zip file with AES encryption. For this you can use either the free 7-zip utility or WinZip. Starting with Big Sur, Mac OSX opens such zip files without any additional software. If Bob uses an older version of OSX, ask him to install the Unarchiver app.

Another option is to use an encrypted external drive. You would place files in it and then mail it by regular mail. This way you can transfer terabytes of data securely. Again, use a DMG or BitLocker depending on the destination OS. There is also VeraCrypt for a cross platform solution, but it is not user friendly.

Another way to transfer files is through cloud storage. For this, use the free Cryptomator app which works with all major cloud storage providers. Here is a demonstration of Cryptomator Dropbox combination.

First, install Cryptomator and use it to create an encrypted vault “Alice & Bob Confidential” inside the Dropbox folder. It will look like this:

Folder encrypted by Cryptomator

Do not be intimidated by all the files inside the created folder, because this is just the encrypted view. In the decrypted view, you will only see a “welcome” file. The decrypted view is visible when Cryptomator mounts this folder and presents it to you as a virtual drive:

Decrypted view into the same folder

The next part is to share the folder with Bob, via Dropbox facilities. Inside the Dropbox folder, right click on the subfolder just created, and select “Share.”

Share encrypted Dropbox folder with Bob

In the next step do not copy a share link, but instead fill Bob’s email address. (It must be the email that he uses to sign-in to his Dropbox account.) Dropbox will identify him and send him an invite by email. Once invited, Bob will first see the Shared folder in his online Dropbox account, under “Shared”:

Bob still needs to click the “Add” button to add the shared folder into his own Dropbox. Once added, the shared folder will appear alongside his personal folders. Furthermore, Bob will see the folder synced onto his computer too.

Bob should now install Cryptomator and mount the confidential folder.

Bob unlocks the shared folder using Cryptomator

From this point on, anything you place in the mounted confidential folder (and vice versa), Bob would see on his computer. Organize files into folders as shown below:

Subfolder Documents contains a confidential utility bill.

Note that if you quit the Cryptomator app, it will lock and unmount all the unlocked vaults. Unlock it back using the Cryptomator dock menu:

Quickly find all Cryptomator vaults

Here is one caveat concerning Cryptomator. It is hard to find the mounted folder because it doesn’t appear on the left panel of Finder where you usually see mounted drives. You can get there by selecting “Computer” under the Finder’s “Go” menu.

So what’s the summary and conclusion? It is possible to share any number of files confidentially. Begin by using my password sharing web tool to agree on a password with Bob. Then, decide whether you need to use it to encrypt a short message or files. For a short message, use the form provided with the web tool. For files, if it is a one time thing, look for a way to create an archive that Bob can easily open, preferably without installing anything new on his computer. The operating system that he runs will guide you on which software to use. Finally, if you need to regularly exchange files with Bob, get him to install Cryptomator, and use it with either Dropbox or Google Drive.

End-to-end encrypted communication is possible in 2021 and can be made user friendly if you use the right tools. However, choosing a strong password is a prerequisite to all of them. If you have no other means to agree on a strong password worthy of an encryption key, use my web tool: https://borisreitman.com/privacy.html

The course of history is determined by the spreading of ideas. I’m spreading the good ones.