5 Replies - 393 Views - Last Post: 09 July 2020 - 01:58 AM Rate Topic: -----

#1 Rule1   User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 3
  • Joined: 07-July 20

Diffie-Hellman Implementation Question

Posted 07 July 2020 - 07:47 PM

Hello,

I'm working on learning how to send messages from a client to a server with encryption and have decided to choose the asymmetric diffie-hellman key exchange.

I am trying to implement the diffie-hellman implementation as shown on the java docs https://docs.oracle....Spec.html#DH2Ex
It is under the section "Diffie-Hellman Key Exchange between 2 Parties"

After reading through the code I understand most of the process except for one part at the end.

 /*
         * At this stage, both Alice and Bob have completed the DH key
         * agreement protocol.
         * Both generate the (same) shared secret.
         */
        try {
            byte[] aliceSharedSecret = aliceKeyAgree.generateSecret();
            int aliceLen = aliceSharedSecret.length;
            byte[] bobSharedSecret = new byte[aliceLen];
            int bobLen;
        } catch (ShortBufferException e) {
            System.out.println(e.getMessage());
        }        // provide output buffer of required size
        bobLen = bobKeyAgree.generateSecret(bobSharedSecret, 0);
        System.out.println("Alice secret: " +
                toHexString(aliceSharedSecret));
        System.out.println("Bob secret: " +
                toHexString(bobSharedSecret));
        if (!java.util.Arrays.equals(aliceSharedSecret, bobSharedSecret))
            throw new Exception("Shared secrets differ");
        System.out.println("Shared secrets are the same");




I don't understand where this code goes? Does both Alice and Bob share this code, and if they do how is it possible that Bob would have aliceSharedSecret or vice-versa.

Any tips or hints are greatly appreciated. If you have any other links on how to implement DH for a client server I would also appreciate that.

Regards,

Is This A Good Question/Topic? 0
  • +

Replies To: Diffie-Hellman Implementation Question

#2 g00se   User is offline

  • D.I.C Lover
  • member icon

Reputation: 3704
  • View blog
  • Posts: 16,981
  • Joined: 20-September 08

Re: Diffie-Hellman Implementation Question

Posted 08 July 2020 - 05:02 AM

Question: is this an academic exercise or do you want to use it practically?
Was This Post Helpful? 0
  • +
  • -

#3 Rule1   User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 3
  • Joined: 07-July 20

Re: Diffie-Hellman Implementation Question

Posted 08 July 2020 - 06:27 AM

View Postg00se, on 08 July 2020 - 05:02 AM, said:

Question: is this an academic exercise or do you want to use it practically?


Practically. I want to build a Poker game (multiple clients communicating with server), but I want the communication between client and server to be encrypted (to protect which cards user is dealt).
Was This Post Helpful? 0
  • +
  • -

#4 g00se   User is offline

  • D.I.C Lover
  • member icon

Reputation: 3704
  • View blog
  • Posts: 16,981
  • Joined: 20-September 08

Re: Diffie-Hellman Implementation Question

Posted 08 July 2020 - 08:22 AM

In that case, why are you 'rolling your own' encryption? Just use SSL
Was This Post Helpful? 1
  • +
  • -

#5 Rule1   User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 3
  • Joined: 07-July 20

Re: Diffie-Hellman Implementation Question

Posted 08 July 2020 - 05:14 PM

View Postg00se, on 08 July 2020 - 08:22 AM, said:

In that case, why are you 'rolling your own' encryption? Just use SSL


To be honest, I (naively) was under the impression was only for the HTTP protocol and I am using pure sockets.
I'll have to do further research, thank you for your insight !
Was This Post Helpful? 0
  • +
  • -

#6 g00se   User is offline

  • D.I.C Lover
  • member icon

Reputation: 3704
  • View blog
  • Posts: 16,981
  • Joined: 20-September 08

Re: Diffie-Hellman Implementation Question

Posted 09 July 2020 - 01:58 AM

Quote

To be honest, I (naively) was under the impression was only for the HTTP protocol and I am using pure sockets.

No. The protocol is immaterial as the encryption operates at the transport layer
Was This Post Helpful? 0
  • +
  • -

Page 1 of 1