Stack Overflow
Stack Overflow

Questions tagged [diffie-hellman]

Diffie-Hellman, commonly abbreviated DH, refers to a public key cryptographic protocol used by two parties to produce a common shared secret.

Diffie-Hellman, commonly abbreviated DH, refers to a public key cryptographic protocol used by two parties to produce a common shared secret.

It is most commonly used to implement key agreement, by using the properties of exponentiation modulo a large prime. Another variant uses the properties of elliptic curve groups and is commonly abbreviated ECDH.

For further reading see Wikipedia

431 questions
12
votes
1 answer

Generate Derived Key from Shared Secret (ECDH-ES) - ConcatKDF

I have used the https://github.com/ricmoo/GMEllipticCurveCrypto to generate a Shared Secret using ECDH Algorithm. I now have to Generate a Derived Key using the ECDH-ES algorithm as mentioned here:…
Roshit
  • 1,589
  • 1
  • 15
  • 37
11
votes
3 answers

Generator G's requirement to be a primitive root modulo p in the Diffie Hellman algorithm

Having searched, I've found myself confused by the use of P and G in the Diffie Hellman algorithm. There is requirementy that P is prime, and G is a primitive root of P. I understand the security is based on the difficulty of factoring the result…
Daniel
  • 111
  • 1
  • 3
11
votes
1 answer

Does ECDiffieHellmanCng in .NET have a key derivation function that implements NIST SP 800-56A, section 5.8.1

I have a task at hand that requires deriving key material using the key derivation function described in NIST SP 800-56A, section 5.8.1. I'm not an expert in Cryptography so please excuse me if the question is naive. Here's what I've done so far: I…
Sudhanshu Mishra
  • 6,523
  • 2
  • 59
  • 76
10
votes
1 answer

How to build a highly secure End to End Encryption React Native messaging app

I am currently working on an instant React Native messaging app and I want to implement E2EE (End to End Encryption between the sender and the receiver) for better security. The libraries/frameworks I use are NodeJS for the backend, Socket.io for…
Blou
  • 191
  • 1
  • 9
8
votes
1 answer

How to expand DH key size to 2048 in java 8

I read a lot of posts saying that in java 8 it is possible to expand the DH key size to 2048. They say it is possible from the system property by changing the value of: jdk.tls.ephemeralDHKeySize to 2048. I tried to figure out where and how to do…
user2192774
  • 3,807
  • 17
  • 47
  • 62
7
votes
1 answer

How to extract DH parameters from a DH key in PEM format

I have generated a Diffie-Hellman key using certain g and p parameters, like this: $ cat dhparam.pem -----BEGIN DH…
Quuxplusone
  • 23,928
  • 8
  • 94
  • 159
7
votes
1 answer

Does JDK 1.8 support Cipher suites with Diffie-Hellman (DH) keys of size 4096 bits

I want to know if JDK 1.8 supports DH key length of 4096 bits. Everywhere I searched, I found that jdk.tls.ephemeralDHKeySize can accept only between 1024 and 2048 bits. I have to connect to a site which supports…
Uthra
  • 115
  • 1
  • 2
  • 8
6
votes
1 answer

OpenSSL 3 Diffie-Hellman Key Exchange C++

Before OpenSSL3 this was simple. DH* dh = DH_new(); /* Parameters */ dh->p = BN_bin2bn(bin_p, bin_p_size, NULL); dh->g = BN_bin2bn(bin_g, bin_g_size, NULL); /* Private key generation */ BN_hex2bn(&dh->priv_key, hex_priv_key); /* Public key…
Leo
  • 93
  • 5
6
votes
1 answer

Why does Curve25519 calculate key pair correctly even though its parameters are wrong?

It seems that .NET (Core 3.1) supports custom curves in ECC. So I've defined the Curve25519, and generated key pair by below code: using System; using System.Security.Cryptography; namespace Curve25519 { class Program { static void…
Yasar_yy
  • 130
  • 3
  • 11
6
votes
2 answers

Disable Diffie-Hellman (DH) key in Ubuntu 16 and Nginx

For website hosted in Ubuntu 16 with Nginx, SSL tests always shows B grade. Below is the reason shown. See also the attached image. Current SSL cipher settings are below. I have noticed the same thing in around 8 to 10 servers I have with ubuntu…
nisamudeen97
  • 519
  • 4
  • 22
6
votes
1 answer

Why are prime numbers used in Diffie-Hellman key exchange?

Diffie-Hellman key exchange algorithm uses operations like 2^8 mod n where n is a prime number. What is the reason for using prime numbers instead of other numbers?
Shourob Datta
  • 1,886
  • 22
  • 30
6
votes
1 answer

Diffie-Hellman with BIGNUM (OpenSSL) vs. BigInteger (C#)

I'm implementing a Diffie-Hellman key exchange algorithm between an embedded device which uses OpenSSL libraries for BIGNUM operations and a C# software which uses System.Numerics.BigInteger methods to calculate the secret shared key generation.…
Taha Paksu
  • 15,371
  • 2
  • 44
  • 78
5
votes
1 answer

1024-bit Diffie-Hellman in C#

So I'm working on a project to interface a C# client with an existing server technology. One of the requirements is a key exchange using Diffie-Hellman. We have known public P and G and I need to generate a 1024-bit public key to send to the…
Gerald
  • 23,011
  • 10
  • 73
  • 102
5
votes
5 answers

Diffie-Hellman implementation for iOS?

This is my first question here as before I found all workarounds from another questions. The question is very short: Does anyone know if there is any Diffie-Hellman implementation for iOS? I mean...the idea is to share between 2 devices (one is iOS…
user1138682
  • 51
  • 1
  • 3
5
votes
1 answer

How to check my server Diffie-Hellman MODP size (bits) and increase it?

Good day, I have a WAS liberty server in Linux Redhat, and I enable the only TLSv1.2. I type the following command to get the server info: openssl s_client -connect 10.7.5.65:9443 -msg Part of the result is as follow: No client certificate CA names…
Panadol Chong
  • 1,793
  • 13
  • 54
  • 119
1
2
3
28 29