implementing the diffie hellman key agreement using data encryption standard
Skip this Video
Download Presentation
Implementing the Diffie -Hellman Key Agreement using Data Encryption Standard

Loading in 2 Seconds...

play fullscreen
1 / 16

Implementing the Diffie -Hellman Key Agreement using Data Encryption Standard - PowerPoint PPT Presentation

  • Uploaded on

Implementing the Diffie -Hellman Key Agreement using Data Encryption Standard. Presented by : Sahil Behl Muhammad Rehan Fayyaz Under the guidance of Dr. Leszek Lilien Dept. Of Computer Science Western Michigan University. Motive.

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about ' Implementing the Diffie -Hellman Key Agreement using Data Encryption Standard' - cleo

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
implementing the diffie hellman key agreement using data encryption standard

Implementing the Diffie -Hellman Key Agreement using Data Encryption Standard

Presented by:

Sahil Behl

Muhammad Rehan Fayyaz

Under the guidance of

Dr. Leszek Lilien

Dept. Of Computer Science

Western Michigan University.

  • Many cryptographic algorithms (e.g., DES,AES, HMAC) require the establishment of shared keying material in advance.
  • Manual distribution of keying material is inefficient and complex.
  • Seek automated key establishment schemes. (Example

(X.509 Standard)

  • Requirement of an algorithm that can use public key techniques to allow the exchange of a private encryption key.

Diffie – Hellman Key Agreement Algorithm:

Let\'s take a look at how the protocol works. Assume that

to users, Alice and Bob know nothing about each other but

are in contact.

The algorithm outlines a nine step process for the


1. Alice and Bob agree on two large positive integers, n and g, with the stipulation that n is a prime number and g is a generator of n.

2. Alice randomly chooses another large positive integer, XA, which is smaller than n. XA will serve as Alice\'s private key.

dh key agreement algorithm
DH Key Agreement algorithm

3. Bob similarly chooses his own private key, XB.

4. Alice computes her public key, YA, using the formula YA =

(g^XA) mod n.

5. Bob similarly computes his public key, YB, using the

formula YB = (g^XB) mod n.

6. Alice and Bob exchange public keys over the insecure


7.Alice computes the shared secret key, k, using the formula k

= (YB ^XA) mod n.

8. Bob computes the same shared secret key, k, using the formula k = (YA ^XB) mod n.

9. Alice and Bob communicate with a symmetric algo. of their choice using shared key k.

  • Architecture:
  • Individual modules:

1. Diffie - Hellman Key Generator:

a) The classes used were*;*;*;





b) Alice generates her DH key pair using

KeyPairGenerator aliceKpairGen=KeyPairGenerator.getInstance("DH");


KeyPair aliceKpair = aliceKpairGen.generateKeyPair();


c) Alice initializes her shared key object and sends her public key to Bob.

KeyAgreement aliceKeyAgree = KeyAgreement.getInstance("DH");


byte[] alicePubKeyEnc = aliceKpair.getPublic().getEncoded();

d) Bob receives Alice’s public key and creates his

own DH parameters.

KeyFactory bobKeyFac = KeyFactory.getInstance("DH");

X509EncodedKeySpec x509KeySpec = new


PublicKey alicePubKey = bobKeyFac.generatePublic(x509KeySpec);

e) Bob will send his own public key to Alice now

and Alice generates her shared key.


KeyFactory aliceKeyFac = KeyFactory.getInstance("DH");

x509KeySpec = new X509EncodedKeySpec(bobPubKeyEnc);

PublicKey bobPubKey = aliceKeyFac.generatePublic(x509KeySpec);

aliceKeyAgree.doPhase(bobPubKey, true);

f ) Similarly, Bob uses Alice’s public key to

generate his shared key

bobKeyAgree.doPhase(alicePubKey, true);

At this moment both parties have generated the same shared


2. We then used the Data Encryption Standard to encipher the plaintext using the shared key that the DH Key Agreement algorithm generated.


3. Client and server modules:

  • They were implemented using servlets.
  • Tomcat was the application server
  • The database connected to the server was pointbase.
  • Ethereal was used as a Network Protocol Analyzer.
security issues with dh
Security Issues with DH

1.Denial of service Attacks:

-The attacker tries to stop Alice and Bob from

successfully carrying out the protocol.

Example: Deleting the messages that Alice and

Bob send to each other, or by overwhelming the parties with

unnecessary computation or communication.

2.Outsider Attacks:

-The attacker tries to disrupt the protocol (by for

example adding, removing, replaying messages) so that he

gets some interesting knowledge (i.e. information he could not

have gotten by just looking at the public values).

security issues with dh1
Security Issues with DH

3.Insider Attacks:

- It is possible that one of the participants in a DH

protocol creates a breakable protocol run on purpose in order

to try to gain knowledge about the secret key of his peer.

- This is an important attack if one of the

participants holds a static secret key that is used in many

key agreement protocol runs. Note that malicious software

could be very successful in mounting this attack.

4.Man in the Middle Attacks:

- An active attacker (Oscar), capable of removing

and adding messages, can easily break the core DH protocol .

- By intercepting the public keys and replacing

them, Oscar (O) can fool Alice and Bob into thinking that

they share a secret key.

current and future research
Current and future research

1.N-Party Encrypted Diffie-Hellman Key Exchange Using Different Passwords (2005):[Center for Information Security Technologies (CIST), Korea University, Anam Dong, Sungbuk Gu, Seoul, Korea]

- The paper provides a method to securely and efficiently extend three-party case to N-party case with a formal proof of security.

- Two provably secure N-party EKE protocols are suggested.

- N-party EKE-U in the unicast network and N-party EKE-M in the multicast network.

2. An Authenticated Diffie-Hellman Key Agreement Protocol Secure Against Active Attacks

references and acknowledgements
References and Acknowledgements















references and acknowledgements1
References and Acknowledgements


1.Java Network Programming and Distributed Computing-

Davis Reilly – Michael Really.

2. Core Servlets and JSP- Marty Hall.

3.How to program Java – Deteil and Deteil.


Dr. Leszek Lilien, Dept. of Computer Science, Western

Michigan University.