Question on Anonymous Diffie-Hellman key exchange
|
View:
New views
3 Messages
—
Rating Filter:
Alert me
|
 |
Question on Anonymous Diffie-Hellman key exchange
by Ram G
::
Rate this Message:
Hi,
I have a question regarding the generation of DH parameters.
From GnuTLS documentation (http://www.gnu.org/software/gnutls/reference/gnutls-gnutls.html#gnutls-dh-params-generate2)
"....Also note that the DH parameters are only useful to servers. Since clients use the parameters sent by the server, it's of no use to call this in client side....."
What I have been able to gather from online sources on DH key exchange is that 1) Alice and Bob decides on the prime P and generator G 2) Alice decides on a random number X and sends G(power of X) mod P to Bob 3) Bob decides on a random number Y and sends G(power of Y) mod P to Alice 4) Both Bob and Alice can calculate the shared secret on their own from steps 2 and 3. So my question is - why are the DH params not generated in the client side too ? What is the point in generating the DH params and the shared key in the server (Bob) and sending it to the client (Alice) - won't it be accessible to an attacker when it is sent in the clear ? I would really appreciate if someone can shed some light on how anonymous DH works in GnuTLS. Thanks Ramg _______________________________________________ Help-gnutls mailing list Help-gnutls@... http://lists.gnu.org/mailman/listinfo/help-gnutls |
|
|
Re: Question on Anonymous Diffie-Hellman key exchange
by Nikos Mavrogiannopoulos
::
Rate this Message:
Ram G wrote:
> Hi, > "....Also note that the DH parameters are only useful to servers. Since > clients use the parameters sent by the server, it's of no use to call this > in client side....." [...] > 1) Alice and Bob decides on the prime P and generator G > 2) Alice decides on a random number X and sends G(power of X) mod P to Bob > 3) Bob decides on a random number Y and sends G(power of Y) mod P to Alice > 4) Both Bob and Alice can calculate the shared secret on their own from > steps 2 and 3. > > So my question is - why are the DH params not generated in the client side > too ? What is the point in generating the DH params and the shared key in > the server (Bob) and sending it to the client (Alice) - won't it be > accessible to an attacker when it is sent in the clear ? Hello, They will be available to attackers but the security of the DH cryptosystem doesn't depend on the secrecy of the group and generator. The security depends on the random numbers X and Y. regards, Nikos _______________________________________________ Help-gnutls mailing list Help-gnutls@... http://lists.gnu.org/mailman/listinfo/help-gnutls |
|
|
Re: Question on Anonymous Diffie-Hellman key exchange
by Ram G
::
Rate this Message:
So does this mean the GnuTLS client generates the "shared key" on its own ?
When I read that the DH parameters are useful only to the server, perhaps I got confused that the server generates P, G and the "Shared Key" and sends the "Shared Key" to the client.
So this is the correct logic:
1) GnuTLS server generates P & G and sends it to the client
2) GnuTLS client selects a random number X and sends G(power of X) mod P to server
3) GnuTLS server selects a random number Y and sends G(power of Y) mod P to client
4) Both client and server independently calculates the "shared key"
Thanks for clearing my confusion
Ramg
On Thu, Aug 27, 2009 at 11:32 AM, Nikos Mavrogiannopoulos <nmav@...> wrote: Ram G wrote: _______________________________________________ Help-gnutls mailing list Help-gnutls@... http://lists.gnu.org/mailman/listinfo/help-gnutls |
| Free embeddable forum powered by Nabble | Forum Help |
