WebApp Sec mailing list archives
RE: Please Review a Diffie Hellman diagram
From: "Hall, Carl" <carl_hall () homedepot com>
Date: Mon, 9 Jan 2006 13:41:22 -0500
Also Saqib: The private values X in your diagram (a and b in the description from Sanjay), are chosen to be less than the modulus T (modulus p in Sanjay's descripion). Carl -----Original Message----- From: Burke, Charles Sent: Monday, January 09, 2006 9:25 AM To: Hall, Carl Subject: FW: Please Review a Diffie Hellman diagram You need to register with security focus if you like emails like this. -----Original Message----- From: Sanjay Rawat [mailto:sanjayr () intoto com] Sent: Monday, January 09, 2006 6:01 AM To: Saqib Ali; webappsec () securityfocus com Subject: Re: Please Review a Diffie Hellman diagram Hi Saqib: The diagram is nice, but content wise, its not (esp. from Mathematics point of view). The chosen number R & T are not just any number (or just any prime numbers). please see the description below (I was lazy enough to write, so I stole it from a site!!!!): ---------------------------------------- The protocol has two system parameters p and g. They are both public and may be used by all the users in a system. Parameter p is a prime number and parameter g (usually called a generator) is an integer less than p, with the following property: for every number n between 1 and p-1 inclusive, there is a power k of g such that n = g^k mod p. Suppose Alice and Bob want to agree on a shared secret key using the Diffie-Hellman key agreement protocol. They proceed as follows: First, Alice generates a random private value a and Bob generates a random private value b. Both a and b are drawn from the set of integers . Then they derive their public values using parameters p and g and their private values. Alice's public value is g^a mod p and Bob's public value is g^b mod p. They then exchange their public values. Finally, Alice computes g^(ab) = (g^b)^a mod p, and Bob computes g^(ba) = (g^a)^b mod p. Since g^(ab) = g^(ba) = k, Alice and Bob now have a shared secret key k. ---------------------------------------- Also, it your diagram under "step 4", it will be nice if you show the commutative law of multiplication to make the point (ie why both Alice and Bob would have the same number at the end of the protocol) more clear. this point is described in above paragraph -- "Finally, Alice computes.........." Regards Sanjay At 07:01 AM 1/7/2006, Saqib Ali wrote:
Please review the following visual depiction of Diffie Hellman Key Exchange: http://www.xml-dev.com/blog/index.php?action=viewtopic&id=196 I would like to recieve corrections, or ideas on how to improve the diagram so it is self-explanatory. -- Saqib Ali, CISSP http://www.xml-dev.com/blog/ "I fear, if I rebel against my Lord, the retribution of an Awful Day (The Day of Resurrection)" Al-Quran 6:15 ----------------------------------------------------------------------- -------- Watchfire's AppScan is the industry's first and leading web application security testing suite, and the only solution to provide comprehensive remediation tasks at every level of the application. See for yourself. Download AppScan 6.0 today. https://www.watchfire.com/securearea/appscansix.aspx?id=701300000003Ssh
------------------------------------------------------------------------ ------- Watchfire's AppScan is the industry's first and leading web application security testing suite, and the only solution to provide comprehensive remediation tasks at every level of the application. See for yourself. Download AppScan 6.0 today. https://www.watchfire.com/securearea/appscansix.aspx?id=701300000003Ssh ------------------------------------------------------------------------ ------- ------------------------------------------------------------------------------- Watchfire's AppScan is the industry's first and leading web application security testing suite, and the only solution to provide comprehensive remediation tasks at every level of the application. See for yourself. Download AppScan 6.0 today. https://www.watchfire.com/securearea/appscansix.aspx?id=701300000003Ssh -------------------------------------------------------------------------------
Current thread:
- Please Review a Diffie Hellman diagram Saqib Ali (Jan 07)
- Re: Please Review a Diffie Hellman diagram Jason Murray (Jan 08)
- Message not available
- Re: Please Review a Diffie Hellman diagram Sanjay Rawat (Jan 09)
- <Possible follow-ups>
- RE: Please Review a Diffie Hellman diagram Mrinal Biswas (Jan 09)
- Message not available
- RE: Please Review a Diffie Hellman diagram Sanjay Rawat (Jan 09)
- Message not available
- Re: Please Review a Diffie Hellman diagram Saqib Ali (Jan 10)
- Re: Please Review a Diffie Hellman diagram Saqib Ali (Jan 10)
- Re: Please Review a Diffie Hellman diagram Saqib Ali (Jan 14)