# Diffie Hellman key exchange

Article
Created: vineet.jain (15 Feb 2010)
Last edited: hamishwillee (20 Jul 2012)

## Over View

The following code snippet demonstrates the Diffie-Hellman key exchange algorithm which is a cryptography algorithm that allows two parties to jointly establish a shared secret key over an insecure communication channel. Diffie Hellman method is used to jointly arrive at the same Shared key and you can read more here.

`#include <cryptoasymmetric.h>`

## Library Required

`LIBRARY cryptography.lib`

Following are the steps involved in this algorithm:

1) Create two objects of RInteger class(a TInteger derived class allowing the construction of variable length big integers) each for a prime Number 'P'& a generator':

`RInteger PrimeNum = RInteger::NewPrimeL(1024)//pass here the number of bits of prime number you wish to generate e.g. passing 1024 will generate a 1024 bit prime number.RInteger Generator=RInteger::NewL(5); // generator is generated by passing a constant which is usually 2 or 5`

2) Create an object of CDHKeyPair class using the RInteger objects created in Step 1 :

`TRAPD(err,iDHKeyPair = CDHKeyPair::NewL(PrimeNum ,Generator));`

3) Next get the 'G'(generator) & 'N'(Prime Number) parameters of Diffie Hellman using the CDHkeyPair object created in Step 2 :

`const TInteger& G =iDHKeyPair->PublicKey().G();const TInteger& N =iDHKeyPair->PublicKey().N();//Get the Prime Number in a buffer as below :HBufC8 *PrimeBuffer=N.BufferLC();TPtr8 PtrPrime=PrimeBuffer->Des();//Also get the DH value 'x'(a random large integer) as:const TInteger& xparam =iDHKeyPair->PrivateKey().x();`

4) Next generate the DH public value/parameter(PublicVal) which is to be exchanged with the party other side as below:

`const TInteger& PublicVal = (G.TimesL(xparam )).ModuloL(N);HBufC8 *Buffervalue = PublicVal .BufferLC();TPtr8 NewPublicVal = Buffervalue ->Des();`

5) Now send the Prime Number which is generated in Step 3 to the other party by the way you wish to send.

6) The receiving party(which will receive the Prime Number) will now repeat the Steps 1 to 4, with Step 1 as below:

`RInteger PrimeNumReceiver = RInteger::NewL(const TDesC8&//Prime Number Received from Sender side)RInteger GeneratorReceiver=RInteger::NewL(5); //Rest of the steps will be same on receiver side but will require the use of //received prime number where it is required.`

7) Now there will be two public values/parameters generated, one at the Sender's end & one at receiver's end, both generated using the same prime Number.So now exchange the two public values/parameters i.e. the sender will send its value to receiver & vice-versa.

8) Now with public values got exchanged the two parties will now generate a common/shared secret at their ends:

`RInteger PrivateValue = RInteger::NewL(const TDesC8& privateParam//private parameter 'x' generated at each side in Step 3);RInteger PrimeNum = RInteger::NewL(const TDesC8& Prime//the common Prime Number);RInteger ReceivedPublic = RInteger::NewL(const TDesC8& publicParam //the exchanged public value); //The common/Shared secret key will be generated at each end as below: const TInteger& SharedKey = (ReceivedPublic.TimesL(Private)).ModuloL(PrimeNum );`

• The above generated shared secret key will be same as generated at both the ends(sender & receiver) & now they can use it as they want like using it as an encryption/decryption key in any of the Symmetrical Cryptographic algorithms.