Stack Overflow
Stack Overflow

Questions tagged [diffie-hellman]

Diffie-Hellman, commonly abbreviated DH, refers to a public key cryptographic protocol used by two parties to produce a common shared secret.

Diffie-Hellman, commonly abbreviated DH, refers to a public key cryptographic protocol used by two parties to produce a common shared secret.

It is most commonly used to implement key agreement, by using the properties of exponentiation modulo a large prime. Another variant uses the properties of elliptic curve groups and is commonly abbreviated ECDH.

For further reading see Wikipedia

431 questions
149
votes
22 answers

Why does SSL handshake give 'Could not generate DH keypair' exception?

When I make an SSL connection with some IRC servers (but not others - presumably due to the server's preferred encryption method) I get the following exception: Caused by: java.lang.RuntimeException: Could not generate DH keypair at…
sam
  • 2,105
  • 2
  • 15
  • 18
62
votes
10 answers

Convert python long/int to fixed size byte array

I'm trying to implement RC4 and DH key exchange in python. Problem is that I have no idea about how to convert the python long/int from the key exchange to the byte array I need for the RC4 implementation. Is there a simple way to convert a long to…
cdecker
  • 4,515
  • 8
  • 46
  • 75
42
votes
1 answer

DH vs. DHE and ECDHE and perfect forward secrecy

Does Diffie-Hellman (DH) provide perfect forward secrecy? or is it a feature for Ephemeral Diffie-Hellman (DHE) only ? Is Elliptic Curve Ephemeral diffie-Hellman (ECDHE) is better than DHE ?
user1810868
  • 1,565
  • 8
  • 23
  • 30
42
votes
1 answer

Pre-master secret mistmatched when implementing Diffie-Hellman key exchange

I am trying to implement DHE_DSS into go's crypto/tls package. Unfortunately I can not seem to get the PreMasterSecret (Z) to be the same, my basic workflow is: Receive Server Key Exchange Message Extract P, G, Ys Verify using the digital signature…
jawr
  • 827
  • 1
  • 7
  • 14
39
votes
2 answers

How does the man in the middle attack work in Diffie–Hellman?

I'm having doubts about the mechanics of a man in the middle attack during a Diffie–Hellman key exchange. I have heard that it can happen during the key agreement communication. But in the presence of CA (Certificate Authority) the receiver can…
Chanikag
  • 1,419
  • 2
  • 18
  • 31
25
votes
3 answers

How does one access the raw ECDH public key, private key and params inside OpenSSL's EVP_PKEY structure?

I'm using OpenSSL's c library to generate an elliptic curve Diffie-Hellman (ECDH) key pair, following the first code sample here. It glosses over the actual exchange of public keys with this line: peerkey = get_peerkey(pkey); The pkey variable and…
Bob Whiteman
  • 2,481
  • 2
  • 23
  • 27
21
votes
3 answers

Why does iOS 5 fail to connect to a server running JDK 1.6, but not JDK 1.5

We have a Java Socket Server listening on an SSLSocket (port 443) and an iOS application that connects with it. When running on iOS 5.1, the application stopped working when we upgraded the Java version of the server from JDK 1.5 to 1.6 (or 1.7).…
KC Baltz
  • 1,498
  • 1
  • 13
  • 22
20
votes
2 answers

Is there a standardized fixed-length encoding for EC public keys?

I was wondering if there was (and I hope there is) a standard for public key size for ECDH (Elliptic Curve Diffie-Hellman) and ECDSA (Elliptic Curve Digital Signature Algorithm) for every curve type over prime fields (192, 224, 256, 384 and 521).
ALOToverflow
  • 2,679
  • 5
  • 36
  • 70
19
votes
2 answers

AES encryption: InvalidKeyException: Key length not 128/192/256 bits

I'm trying to encrypt a string on Android with AES. The symmetric key is determined previously with the Diffie-Hellman algorithm and seems to be ok (Key Length is 128 Bit, see below). Nevertheless, I get a InvalidKeyException: "Key length not…
Peter
  • 379
  • 2
  • 5
  • 10
18
votes
1 answer

Implementation of kleptography in Python (SETUP attack)

My task is to reproduce the plot below: It comes from this journal (pg 137-145) In this article, the authors describe a kleptographic attack called SETUP against Diffie-Hellman keys exchange. In particular, they write this algorithm: Now, in 2 the…
Davide Motta
  • 133
  • 7
18
votes
4 answers

Encrypt message for Web Push API in Java

I'm trying to create a server capable of sending push messages using the Push API: https://developer.mozilla.org/en-US/docs/Web/API/Push_API I've got the client side working but now I want to be able to send messages with a payload from a Java…
joaomgcd
  • 5,287
  • 4
  • 28
  • 39
16
votes
5 answers

Diffie-Hellman in place of SSL?

Can a Diffie-Hellman key exchange algorithm be used to encrypt client-server communication on a web-page in place of SSL? If it can, what are the disadvantages (i.e. why does the standard use SSL which requires a certificate authority)? My…
kmnan
  • 161
  • 1
  • 1
  • 3
15
votes
2 answers

Derive Key with ECDiffieHellmanP256

I am working on a project to integrate with the new Push API that exists in Firefox and is being developed as a W3C standard. Part of this is encrypting the data. The server will receive a Diffie Hellman P256 Curve (Generated in JS using var key =…
Dan Drews
  • 1,966
  • 17
  • 38
14
votes
5 answers

Diffie-Hellman public key error with Tomcat 7

I successfully set up two Ubuntu machines with Tomcat and SSL certificates. I followed exactly the same procedure with Centos 6, but I'm getting this when I'm trying to connect to the Server (using Opera): Server has a weak, ephemeral…
Bob
  • 383
  • 1
  • 5
  • 16
13
votes
3 answers

Client-side encryption over HTTP with Diffie-Hellman Key Exchange and AES

After watching a YouTube video on the Diffie-Hellman Key Exchange, I wanted to try an implementation in JavaScript (Atwood's law). I sketched up an cipher on Node.js with the following rules: Step 1: Client and server agree on a shared key: Client…
user479947
1
2 3
28 29