Diffie Hellman key exchange
The following code snippet demonstrates the Diffie-Hellman key exchange algorithm which is a cryptography algorithm that allows two parties to jointly establish a shared secret key over an insecure communication channel. Diffie Hellman method is used to jointly arrive at the same Shared key and you can read more here.
Following are the steps involved in this algorithm:
1) Create two objects of RInteger class(a TInteger derived class allowing the construction of variable length big integers) each for a prime Number 'P'& a generator':
RInteger PrimeNum = RInteger::NewPrimeL(1024)//pass here the number of bits of prime number you wish to generate e.g. passing 1024 will generate a 1024 bit prime number.
RInteger Generator=RInteger::NewL(5); // generator is generated by passing a constant which is usually 2 or 5
2) Create an object of CDHKeyPair class using the RInteger objects created in Step 1 :
TRAPD(err,iDHKeyPair = CDHKeyPair::NewL(PrimeNum ,Generator));
3) Next get the 'G'(generator) & 'N'(Prime Number) parameters of Diffie Hellman using the CDHkeyPair object created in Step 2 :
const TInteger& G =iDHKeyPair->PublicKey().G();
const TInteger& N =iDHKeyPair->PublicKey().N();
//Get the Prime Number in a buffer as below :
//Also get the DH value 'x'(a random large integer) as:
const TInteger& xparam =iDHKeyPair->PrivateKey().x();
4) Next generate the DH public value/parameter(PublicVal) which is to be exchanged with the party other side as below:
const TInteger& PublicVal = (G.TimesL(xparam )).ModuloL(N);
HBufC8 *Buffervalue = PublicVal .BufferLC();
TPtr8 NewPublicVal = Buffervalue ->Des();
5) Now send the Prime Number which is generated in Step 3 to the other party by the way you wish to send.
6) The receiving party(which will receive the Prime Number) will now repeat the Steps 1 to 4, with Step 1 as below:
RInteger PrimeNumReceiver = RInteger::NewL(const TDesC8&//Prime Number Received from Sender side)
//Rest of the steps will be same on receiver side but will require the use of
//received prime number where it is required.
7) Now there will be two public values/parameters generated, one at the Sender's end & one at receiver's end, both generated using the same prime Number.So now exchange the two public values/parameters i.e. the sender will send its value to receiver & vice-versa.
8) Now with public values got exchanged the two parties will now generate a common/shared secret at their ends:
RInteger PrivateValue = RInteger::NewL(const TDesC8& privateParam//private parameter 'x' generated at each side in Step 3);
RInteger PrimeNum = RInteger::NewL(const TDesC8& Prime//the common Prime Number);
RInteger ReceivedPublic = RInteger::NewL(const TDesC8& publicParam //the exchanged public value);
//The common/Shared secret key will be generated at each end as below:
const TInteger& SharedKey = (ReceivedPublic.TimesL(Private)).ModuloL(PrimeNum );
- The above generated shared secret key will be same as generated at both the ends(sender & receiver) & now they can use it as they want like using it as an encryption/decryption key in any of the Symmetrical Cryptographic algorithms.