Setup
To perform the demonstration, you will need a group of three people. Two of the people will be communicating a shared secret key by choosing colors of paint, and the third person will be attempting to guess the shared secret.
If you don't have two other people around, you can also just try the demonstration for yourself to see how it works.
Background
When you load a web page, most of the time you will see a lock icon on the top left of the URL bar next to the name of the site. This means that the page is using HTTPS, which secures your information using public key cryptography.
Public key cryptography is a way to send secret messages over an insecure channel. It works by using a pair of keys: a public key and a private key. The public key can be shared with anyone, but the private key must be kept secret.
We can simulate public key cryptography using colors of paint.
- First, you will choose any private color you want, which you will not share.
- Then, you will mix your private color with the provided base color to create a public color, which you will share.
- Finally, you will mix your private color from step (1) with the other person's public color from step (2) to create a new shared secret color.
Demonstration
First, choose your private color and note the six-digit code below the color picker.
Don't share this code with anyone else!
Now we will mix your private color with the base color to create your public color.
You can share the base color and your public color.
Mixing with Base Color: #2190bcYour Public Color: #03489dFinally, we will mix the other person's public color with your private color to create a shared secret color.
Each of the two partners will end up with the same shared secret color!
Ask your partner for the six-digit code representing their public color, and type it here:
Shared Secret Color:Congratulations! You have successfully shared a secret color with your partner using public key cryptography.
Let the eavesdropper know that they can try to guess the shared secret color. They will not be able to determine the shared secret color without knowing one of the private colors.
Because this demonstration uses a limited number of color choices, it may be possible for the eavesdropper to guess the private colors of one or both of their partners.
In real life, we use a much larger set of values, and a special math operation so that guessing the secrets is much harder to do.
Afterwards, you can check the shared secret color with your partner to confirm that the process worked.
Further Reading
If you enjoyed this demonstration and would like to learn more about some of the topics presented here, check out some of these resources:
- Understanding Public Key Cryptography with Paint by Graeme Taylor
- The Illustrated TLS 1.2 Connection by Michael Driscoll
- Diffie–Hellman key exchange on Wikipedia
Acknowledgements
This demonstration was inspired by the excellent blog post by Graeme Taylor at https://maths.straylight.co.uk/archives/108.
I would also like to thank Alex Orlowski for collaborating with me in planning and delivering a previous form of this exercise as a demonstration during Innovation Day at Firestone Charter Academy in Denver.
It turns out mixing colors virtually in the same way that they are mixed with paint in real life is not a simple task! This page uses Mixbox by Secret Weapons, which is licensed under CC BY-NC 4.0.