Diffie Hellman key agreement generates different key every time JAVA

1

1

I am experiencing a problem with a Diffie-Hellman implementation. I am using this code: http://www.java2s.com/Tutorial/Java/0490__Security/DiffieHellmanKeyAgreement.htm

It is actually an example from one book I am reading. But I can't understand why generateSecret() creates a different key for every KeyAgreement. I have noticed the function creates different keys even if I call it with the same KeyAgreement twice! If someone has something to suggest I will be really glad!

Thanks for your time!

Solmization answered 5/6, 2012 at 3:17 Comment(2)
I think generateSecret resets the state of the KeyAgreement, perhaps that's why? Also, your question is not 100% clear; post a better one with output showing exactly what is different and under what circumstances. - Pohai
First of all, thanks for your time! Now about the problem: I have read the API page for KeyAgreement and it says that unless you init the KeyAgreement again it uses the same keys. I have used the code at the link; the only difference is that I am not hashing the result, I am just printing it like this: 'System.out.println(aKeyAgree.generateSecret()); System.out.println(bKeyAgree.generateSecret());' I am just running the code and I am getting different results, and that is not normal, as the book says! - Solmization
6

I think the part of the example

```java
private static BigInteger g512 = new BigInteger("1234567890", 16);
private static BigInteger p512 = new BigInteger("1234567890", 16);
```

is completely bogus. p needs to be prime and g needs to be a generator. When I try running the example I get an exception. This seems to be a more reasonable example (but I haven't tested it myself yet).

Basically, the interesting input to the DH exchange is the (p, g) pair, which needs to be generated and must have some unique properties. Clearly, the example above shows just placeholder values which will not produce a correctly functioning algorithm (p cannot be equal to g and p should be prime, while in the example it is clearly divisible by 10). The example I linked to shows how to use the libraries to generate a correct (p, g) pair.

It is also worth noting that DH parameter generation is usually a separate step from generating the secret key. While DH parameters are somewhat private, they are not as sensitive as your private key and can be generated once and then reused.

(Edit: Example)

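```java
import java.math.BigInteger;
import java.security.AlgorithmParameterGenerator;
import java.security.AlgorithmParameters;
import javax.crypto.spec.DHParameterSpec;

// Generate a fresh (p, g) pair instead of hard-coding placeholder values
AlgorithmParameterGenerator paramGen = AlgorithmParameterGenerator.getInstance("DH");
paramGen.init(512); // number of bits
AlgorithmParameters params = paramGen.generateParameters();
DHParameterSpec dhSpec = params.getParameterSpec(DHParameterSpec.class);

BigInteger p512 = dhSpec.getP();
BigInteger g512 = dhSpec.getG();
int l = dhSpec.getL();
...
```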
Pohai answered 5/6, 2012 at 18:28 Comment(3)
I am not sure why the down vote either. You are right about the earlier example. FWIW the one you linked does work. Because links tend to break over time, I added the pertinent code snippet. (Hope you do not mind.) - Myotome
Sorry for the late answer, I have stopped working on that project since then but I will start again soon :) Thanks for the reply, I haven't down voted you! Actually I have just up voted you now, and when I test your code I will give you the accepted answer! - Solmization
Hi, the link to the example is broken. Any chance you could post it here or fix the link? - Weathertight
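
An added example (not code from the question, the answer or the linked tutorial) that carries the answer's parameter generation through a full two-party agreement and compares the two secrets by content. The class and helper names are hypothetical, and the 2048-bit size is an assumption chosen here in place of the answer's 512; generation can take several seconds.

```java
import java.math.BigInteger;
import java.security.AlgorithmParameterGenerator;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.PublicKey;
import javax.crypto.KeyAgreement;
import javax.crypto.spec.DHParameterSpec;

public class DhAgreementDemo { // hypothetical class name

    // Generate the (p, g) pair once; both parties must use the same pair.
    static DHParameterSpec generateParams(int bits) throws Exception {
        AlgorithmParameterGenerator paramGen = AlgorithmParameterGenerator.getInstance("DH");
        paramGen.init(bits);
        return paramGen.generateParameters().getParameterSpec(DHParameterSpec.class);
    }

    // One side of the exchange: own private key combined with the peer's public key.
    static byte[] agree(PrivateKey own, PublicKey peer) throws Exception {
        KeyAgreement ka = KeyAgreement.getInstance("DH");
        ka.init(own);
        ka.doPhase(peer, true); // true: this is the last phase (two-party DH)
        return ka.generateSecret();
    }

    public static void main(String[] args) throws Exception {
        DHParameterSpec dhSpec = generateParams(2048); // assumption: 2048 bits

        // Each party gets its own key pair, derived from the shared parameters.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("DH");
        kpg.initialize(dhSpec);
        KeyPair alice = kpg.generateKeyPair();
        KeyPair bob = kpg.generateKeyPair();

        byte[] aSecret = agree(alice.getPrivate(), bob.getPublic());
        byte[] bSecret = agree(bob.getPrivate(), alice.getPublic());

        // Compare contents. println(byte[]) prints the array's type and identity
        // hash (for example "[B@1b2c3d"), which differs per array object even
        // when the bytes are identical, so it cannot be used to compare secrets.
        System.out.println("secrets match: " + MessageDigest.isEqual(aSecret, bSecret));
        System.out.println("A: " + new BigInteger(1, aSecret).toString(16));
        System.out.println("B: " + new BigInteger(1, bSecret).toString(16));
    }
}
```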
