Open main menu

Wikipedia β

Talk:Diffie–Hellman key exchange

DH is not vulnerable to MITM per seEdit

the Diffie–Hellman exchange by itself does not provide authentication of the communicating parties and is thus vulnerable to a man-in-the-middle attack.

Given that Diffie–Hellman key exchange is anonymous, the example of a MITM attack between Alice, Bob and Mallory doesn't make sense, because Alice doesn't know who she is talking to!

More elaborate exampleEdit

This uses the 2048 bit prime suggested in rfc3526 :

p =
FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74
020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437
4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED
EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05
98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB
9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B
E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718
3995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF

a = (secretly chosen by A, should also be 2048 bit, but shorter here)
19283746AABBCCDDEEFF00112233445598765432
b = (secretly chosen by B, should also be 2048 bit, but shorter here)
A91B25C68FE7A6D8998877661928332219345678

x = 2^a mod p = (calculated and transmitted by A)

D9487989280A9B0FC49A58CB4DCC73340C6828967D90AFE352BF6E61670FC94BEC37
DB07F6DAE2233EFB9D597314CEE442C14C3E22483E84A8110C6E02FE7519A1A583CC
2EA9FC650B0C89D57EFA46DCB6934F0DB6DC3BADC43E41BC895D4498F813BAEFA97D
2D8B75B7D6C5C05930F2D7C599238060AD23C9E0DED20E843699A8F8F092C74816D9
1D37DB11CE78A9DD9BD8D352691708CD7E6E7E2B076D43A46E87C5F46C79A3BE0011
3BC47AD1569641FB92001D7F0A1FBFEC2FDD9A23F62786DE02A387A9FC781C682E42
866B4BC98239C7F5F3ABDD40AA30E68F0A44C91858F9C063BE7FEB76FAD6E2B9B384
97C0F135EE78C761C641BCEB34855BA5CAF2

y = 2^b mod p = (calculated and transmitted by B)

C4EE2EF71F72CC5CF4FDE2CA0BE64D4FBD65552DD0D644615A064CC35E40E17A18D6
DF56F72DACF6424FFD8CAEA7B23DE82E3A7DD586668AFE51B0AD3E08DF85F899E6D3
B6B8AAEEDEB91FAFCDC5E104E10284E270B22B902304457031E754980E348F709549
4CC520D3A860BCA205884A64540BF6ED5C19ECF6A0AFB21A10911C423CB1C5D993B0
7FE85E84F086896D987A2D029A4E30B0E1FBAD8BDC4E4DAA560CE183E1AD0D0A3FB7
2CF1279D9175E8CEA4B0E0736DCAA5D8590C1071A9212F2CC54B0630843EF428F88B
29655E88CA8C3AF31C42B2E023C485A32D3C2352CC394A7425FD1994F93B78F353B3
0C07480F3DB6FCF756824A204F59C7E9E354

KeyA = y^a mod p = 2^(b*a) mod p (calculated by A)

485FFE50D43480DD431DC03F26BC91055D4B1159DBD0AB760E1070661761E54E2B84
F62AD290DA2023319F580CB594AD013331B676C5BBC273C75703096C3B919CCB14B9
1F09F1E78356D592D3AD3DB124D650139BA58FE1C782E6A17BA877175054D3206A65
C09EC6AF3DE2605C419FE266FD7D6B1BBC0868FE8E93302DE7708B78488CB5674BD4
86FE36FBBC84FFC4F80F7BF4E8739B9DC9B7385DB05087876C3F8F0032A281ED3464
BF0154C782611FB68251BBD2AE6829F73B4F3CC53AFD8B82B3B4CC9955591D5F8151
84DDAF80E8B7F977E0CBD2E3FE175120F3199E32F3A02EA42B241D1DFCCFF61BB679
A25E0802C0FDE59E531545FF3B97DD5236CD

KeyB = x^b mod p = 2^(a*b) mod p (calculated by B)

485FFE50D43480DD431DC03F26BC91055D4B1159DBD0AB760E1070661761E54E2B84
F62AD290DA2023319F580CB594AD013331B676C5BBC273C75703096C3B919CCB14B9
1F09F1E78356D592D3AD3DB124D650139BA58FE1C782E6A17BA877175054D3206A65
C09EC6AF3DE2605C419FE266FD7D6B1BBC0868FE8E93302DE7708B78488CB5674BD4
86FE36FBBC84FFC4F80F7BF4E8739B9DC9B7385DB05087876C3F8F0032A281ED3464
BF0154C782611FB68251BBD2AE6829F73B4F3CC53AFD8B82B3B4CC9955591D5F8151
84DDAF80E8B7F977E0CBD2E3FE175120F3199E32F3A02EA42B241D1DFCCFF61BB679
A25E0802C0FDE59E531545FF3B97DD5236CD

Maybe someone wants to reformat this and include it in the main page. 18:00, 18 February 2016 (UTC) — Preceding unsigned comment added by 194.25.174.98 (talk)

This is brilliant. Many thanks to the person who contributed this. There are many explanations on how Diffie–Hellman works but when it comes to actually implementing something, it is unclear what p, g and q are and where they come from. This examples clarifies that and should be included on the main page.203.118.131.249 (talk) 04:11, 5 July 2017 (UTC)

DH vs RSAEdit

Hello fellow Wikipedians,

As far as I know, what Clifford Cocks described in the '70 was a cryptosystem similar to RSA, not a DH key exchange. Am I right? — Preceding unsigned comment added by 87.220.154.159 (talk) 06:07, 4 September 2016 (UTC)

External links modifiedEdit

Hello fellow Wikipedians,

I have just modified 2 external links on Diffie–Hellman key exchange. Please take a moment to review my edit. If you have any questions, or need the bot to ignore the links, or the page altogether, please visit this simple FaQ for additional information. I made the following changes:

When you have finished reviewing my changes, please set the checked parameter below to true or failed to let others know (documentation at {{Sourcecheck}}).

 Y An editor has reviewed this edit and fixed any errors that were found.

  • If you have discovered URLs which were erroneously considered dead by the bot, you can report them with this tool.
  • If you found an error with any archives or the URLs themselves, you can fix them with this tool.

If you are unable to use these tools, you may set |needhelp=<your help request> on this template to request help from an experienced user. Please include details about your problem, to help other editors.

Cheers.—InternetArchiveBot (Report bug) 00:18, 13 December 2016 (UTC)

External links modifiedEdit

Hello fellow Wikipedians,

I have just modified 2 external links on Diffie–Hellman key exchange. Please take a moment to review my edit. If you have any questions, or need the bot to ignore the links, or the page altogether, please visit this simple FaQ for additional information. I made the following changes:

When you have finished reviewing my changes, you may follow the instructions on the template below to fix any issues with the URLs.

You may set the |checked=, on this template, to true or failed to let other editors know you reviewed the change. If you find any errors, please use the tools below to fix them or call an editor by setting |needhelp= to your help request.

  • If you have discovered URLs which were erroneously considered dead by the bot, you can report them with this tool.
  • If you found an error with any archives or the URLs themselves, you can fix them with this tool.

If you are unable to use these tools, you may set |needhelp=<your help request> on this template to request help from an experienced user. Please include details about your problem, to help other editors.

Cheers.—InternetArchiveBot (Report bug) 14:11, 10 September 2017 (UTC)

Return to "Diffie–Hellman key exchange" page.