diffie-hellman

Diffie-Hellman Key Exchange with Javascript sometimes wrong

落爺英雄遲暮 提交于 2021-02-07 09:13:53
问题 After watching this video http://youtu.be/3QnD2c4Xovk I've been trying to follow it step by step, and haven't been able to produce the same results. Notably, when I try to do Math.pow(3, 54)%17, I get 7. While the speaker gets 15. I wrote a method that is supposed to simulate Diffie Hellman's key exchange using exactly what I found on http://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange This is my code: function diffieHellman(generator, prime, alice_secret, bob_secret){ var alice

Why does Curve25519 calculate key pair correctly even though its parameters are wrong?

半腔热情 提交于 2021-01-28 06:16:00
问题 It seems that .NET (Core 3.1) supports custom curves in ECC. So I've defined the Curve25519, and generated key pair by below code: using System; using System.Security.Cryptography; namespace Curve25519 { class Program { static void Main(string[] args) { ECCurve ecCurve = new ECCurve() // Curve25519, 32 bytes, 256 bit { CurveType = ECCurve.ECCurveType.PrimeMontgomery, B = new byte[] { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1 }, A = new byte

Can someone tell me how to make a server choose a ECDH_* cipher over ECDHE_*?

China☆狼群 提交于 2020-05-23 07:36:13
问题 I am using RSA cipher for signing the certificate and SSL_CTX_set_tmp_ecdh_callback () api to set the ECDH parameters for key-exchange. The server always ends up choosing TLS_ECDHE_RSA_* cipher suite. If i make the client send only TLS_ECDH_* cipher suites in the clientHello, the server breaks the connection stating "no shared cipher". Can someone tell me how to make a server choose a ECDH_* cipher over ECDHE_* ? How is it that the server decides I should choose ECDH_* cipher over ECDHE_*

Can someone tell me how to make a server choose a ECDH_* cipher over ECDHE_*?

一曲冷凌霜 提交于 2020-05-23 07:35:10
问题 I am using RSA cipher for signing the certificate and SSL_CTX_set_tmp_ecdh_callback () api to set the ECDH parameters for key-exchange. The server always ends up choosing TLS_ECDHE_RSA_* cipher suite. If i make the client send only TLS_ECDH_* cipher suites in the clientHello, the server breaks the connection stating "no shared cipher". Can someone tell me how to make a server choose a ECDH_* cipher over ECDHE_* ? How is it that the server decides I should choose ECDH_* cipher over ECDHE_*

iOS Swift Diffie-Hellman key exchange to encrypt and decrypt messages? using Secure Enclave

时光总嘲笑我的痴心妄想 提交于 2020-04-30 07:11:51
问题 How can i use the Diffie-Hellman key exchange to encrypt and decrypt messages? I'am able to generate the shared keys (for both bob and alice) but SecKeyCopyKeyExchangeResult returns me a Data...how can i get SecKey to use with SecKeyCreateDecryptedData and SecKeyCreateEncryptedData ? So i think i should extract the SecKey somehow from the shared data so i can make symettrical encryption/decryption. The code so far is: let bob_shared_secret: NSData = generateSharedKey_ecdh(publicKey:

iOS Swift Diffie-Hellman key exchange to encrypt and decrypt messages? using Secure Enclave

為{幸葍}努か 提交于 2020-04-30 07:11:17
问题 How can i use the Diffie-Hellman key exchange to encrypt and decrypt messages? I'am able to generate the shared keys (for both bob and alice) but SecKeyCopyKeyExchangeResult returns me a Data...how can i get SecKey to use with SecKeyCreateDecryptedData and SecKeyCreateEncryptedData ? So i think i should extract the SecKey somehow from the shared data so i can make symettrical encryption/decryption. The code so far is: let bob_shared_secret: NSData = generateSharedKey_ecdh(publicKey:

Node.js crypto key creation using Java

南笙酒味 提交于 2020-04-13 08:00:40
问题 I have this code in node.js, it create Key using Crypto. Can i create same key using Java? diffieHellmanConfig': {       'group': 'modp14',       'encoding': 'base64'     } const clientDHInstance = crypto.getDiffieHellman(config.userCardCrypto.diffieHellmanConfig.group); clientDHInstance.generateKeys(); const clientPublicKey = clientDHInstance.getPublicKey(config.userCardCrypto.diffieHellmanConfig.encoding); I try to use KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DH"); keyGen

IPsec入门篇讲解(第二篇)

让人想犯罪 __ 提交于 2020-03-17 00:23:32
安全联盟(SA)  IPSec通过在IPSec对等体间建立双向安全联盟(SA),形成一个安全互通的IPSec隧道,来实现Internet上数据的安全传输  SA由一个三元组来唯一标识,这个三元组包括安全参数索引SPI(Security Parameter Index)、目的IP地址和使用的安全协议号(AH或ESP)。其中,SPI是为唯一标识SA而生成的一个32位比特的数值,它在AH和ESP头中传输。在手工配置SA时,需要手工指定SPI的取值。使用IKE协商产生SA时,SPI将随机生成  SA是单向的逻辑连接,因此两个IPSec对等体之间的双向通信,最少需要建立两个SA来分别对两个方向的数据流进行安全保护。如图1所示,为了在对等体A和对等体B之间建立IPSec隧道,需要建立两个安全联盟,其中,SA1规定了从对等体A发送到对等体B的数据采取的保护方式,SA2规定了从对等体B发送到对等体A的数据采取的保护方式  另外,SA的个数还与安全协议相关。如果只使用AH或ESP来保护两个对等体之间的流量,则对等体之间就有两个SA,每个方向上一个。如果对等体同时使用了AH和ESP,那么对等体之间就需要四个SA,每个方向上两个,分别对应AH和ESP  有两种方式建立IPSec安全联盟:手工方式和IKE自动协商方式。二者的主要区别为  密钥生成方式不同  手工方式下,建立SA所需的全部参数
订阅 diffie-hellman