help-gnutls

Re: Question on Anonymous Diffie-Hellman key exchange


From: Ram G
Subject: Re: Question on Anonymous Diffie-Hellman key exchange
Date: Thu, 27 Aug 2009 11:50:45 -0400

So does this mean the GnuTLS client generates the "shared key" on its own?
 
When I read that the DH parameters are useful only to the server, perhaps I got confused that the server generates P, G and the "Shared Key" and sends the "Shared Key" to the client.
 
So this is the correct logic:
 
1) GnuTLS server generates P & G and sends them to the client
2) GnuTLS client selects a random number X and sends G(power of X) mod P to server
3) GnuTLS server selects a random number Y and sends G(power of Y) mod P to client
4) Both client and server independently calculate the "shared key"
 
Thanks for clearing my confusion
 
Ramg

On Thu, Aug 27, 2009 at 11:32 AM, Nikos Mavrogiannopoulos <address@hidden> wrote:
Ram G wrote:
> Hi,
> "....Also note that the DH parameters are only useful to servers. Since
> clients use the parameters sent by the server, it's of no use to call this
> in client side....."
[...]
> 1) Alice and Bob decide on the prime P and generator G
> 2) Alice decides on a random number X and sends G(power of X) mod P to Bob
> 3) Bob decides on a random number Y and sends G(power of Y) mod P to Alice
> 4) Both Bob and Alice can calculate the shared secret on their own from
> steps 2 and 3.
>
> So my question is - why are the DH params not generated in the client side
> too? What is the point in generating the DH params and the shared key in
> the server (Bob) and sending it to the client (Alice) - won't it be
> accessible to an attacker when it is sent in the clear ?

Hello,
 They will be available to attackers but the security of the DH
cryptosystem doesn't depend on the secrecy of the group and generator.
The security depends on the random numbers X and Y.

regards,
Nikos
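
The exchange discussed in this thread, as an added example that is not part of the original messages and is not GnuTLS code: it records everything that crosses the wire, so the public P, G and the two public values are visible while X, Y and the shared key never are. The names `Party` and `run_exchange`, the toy prime 2^127 - 1 with generator 3, and the range check on the peer's value are assumptions made for illustration.

```python
import secrets

# Constructed toy group (assumption): 2**127 - 1 is a known Mersenne prime.
# It is far too small for real use; real deployments use much larger groups.
P = 2**127 - 1
G = 3


class Party:
    """One side of the exchange. The random exponent never leaves the object."""

    def __init__(self, p, g):
        self.p, self.g = p, g
        self._secret = secrets.randbelow(p - 3) + 2    # X or Y, in [2, p-2]
        self.public = pow(g, self._secret, p)          # G^X mod P or G^Y mod P

    def shared_key(self, peer_public):
        # Defensive check added in this example: reject degenerate peer values.
        if not 1 < peer_public < self.p - 1:
            raise ValueError("peer public value out of range")
        return pow(peer_public, self._secret, self.p)


def run_exchange(p=P, g=G):
    """Follow steps 1-4 above; return the wire transcript and both keys."""
    wire = []                                   # what an eavesdropper sees
    server = Party(p, g)                        # only the server holds DH params
    wire.append(("server->client", "P", server.p))
    wire.append(("server->client", "G", server.g))

    client = Party(wire[0][2], wire[1][2])      # client reuses the received P, G
    wire.append(("client->server", "G^X mod P", client.public))
    wire.append(("server->client", "G^Y mod P", server.public))

    # Step 4: each side combines its own secret with the peer's public value.
    return wire, client.shared_key(server.public), server.shared_key(client.public)


if __name__ == "__main__":
    wire, k_client, k_server = run_exchange()
    for direction, name, value in wire:
        print(f"{direction:16} {name:10} {value:#x}")
    print("keys match:", k_client == k_server)
    print("key seen on wire:", k_client in [v for _, _, v in wire])
```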


