Performing Diffie-Hellman Key Agreement

Diffie-Hellman Key Agreement is a method for two parties to obtain the same symmetric key. In this procedure, a central authority generates parameters and gives them to the two individuals seeking to generate a secret key. In Phase 1, each individual uses these parameters to produce a public value and a private value. In Phase 2, they trade public values and each uses the other’s public value with their own private value to generate the same secret value.

Note: One of the individuals could act as the central authority and generate the parameters. Security does not depend on a third party’s independently producing the parameters.

The section “Diffie-Hellman Public Key Agreement” on page 62 gives a detailed description of the Diffie-Hellman algorithm.

Generating Diffie-Hellman Parameters

The parameters are a prime, a base, and, optionally, the length in bits of the private value. The parties will generate their own private values in Phase 1, although the central authority has the option of declaring how long these values will be.

Note: You may have noticed that the Diffie-Hellman algorithm is very similar to the RSA algorithm. The Diffie-Hellman prime is analogous to the RSA modulus, and the Diffie-Hellman base is analogous to the RSA data to encrypt. The Diffie-Hellman private value is analogous to the RSA private exponent (private key) in private-key encryption.
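The two phases and the optional private-value length can be seen end to end in the following added example. It is not taken from the manual or from dhparam.c and does not use the Crypto-C API; the names dh_params, mod_exp, dh_phase1, dh_phase2 and dh_agree are hypothetical, and the parameters are toy-sized values constructed for illustration. It also range-checks the other party's public value in Phase 2, a check the text above does not describe.

```c
#include <stdint.h>
#include <stdio.h>
/* Toy-sized parameters constructed for this example; prime must be < 2^32 here. */
typedef struct {
    uint64_t prime, base;
    unsigned private_bits; /* optional private-value length; 0 = not specified */
} dh_params;

/* Square-and-multiply: b^e mod m (products fit in 64 bits because m < 2^32). */
static uint64_t mod_exp(uint64_t b, uint64_t e, uint64_t m) {
    uint64_t r = 1, acc = b % m;
    for (; e; e >>= 1, acc = acc * acc % m)
        if (e & 1) r = r * acc % m;
    return r;
}

/* Phase 1: public = base^private mod prime. Returns 0 on success, -1 on error. */
static int dh_phase1(const dh_params *p, uint64_t rnd, uint64_t *priv, uint64_t *pub) {
    if (p->prime < 5 || p->prime >> 32 || p->private_bits > 31) return -1;
    if (p->private_bits) {
        rnd &= (1ULL << p->private_bits) - 1; /* no longer than private_bits */
        rnd |= 1ULL << (p->private_bits - 1); /* top bit set: exactly that long */
    }
    if (rnd < 2 || rnd >= p->prime - 1) return -1;
    *priv = rnd;
    *pub = mod_exp(p->base, rnd, p->prime);
    return 0;
}

/* Phase 2: secret = peer_public^private mod prime. Returns 0 on success, -1 on error. */
static int dh_phase2(const dh_params *p, uint64_t priv, uint64_t peer_pub, uint64_t *secret) {
    /* 0, 1 and prime-1 would force a predictable secret, so refuse them. */
    if (peer_pub < 2 || peer_pub > p->prime - 2) return -1;
    *secret = mod_exp(peer_pub, priv, p->prime);
    return 0;
}

/* Both parties run both phases; returns the agreed secret, or 0 on failure. */
static uint64_t dh_agree(const dh_params *p, uint64_t rnd_a, uint64_t rnd_b) {
    uint64_t xa, ya, xb, yb, sa, sb;
    if (dh_phase1(p, rnd_a, &xa, &ya) || dh_phase1(p, rnd_b, &xb, &yb)) return 0;
    if (dh_phase2(p, xa, yb, &sa) || dh_phase2(p, xb, ya, &sb)) return 0;
    return sa == sb ? sa : 0;
}

int main(void) {
    dh_params toy = { 2147483647ULL, 7, 16 }; /* constructed: prime 2^31 - 1, base 7 */
    printf("agreed secret: %llu\n", (unsigned long long)dh_agree(&toy, 0x1234abcdULL, 0x0badf00dULL));
    return 0;
}
```

The rnd arguments stand in for output of a cryptographic random number generator; the fixed constants are used only so that the run is repeatable.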

The example in this section corresponds to the file dhparam.c. There is no Step 4, Update, in generating Diffie-Hellman parameters.

Step 1: Creating An Algorithm Object

Declare a variable of type B_ALGORITHM_OBJ. As defined in the function prototype in Chapter 4 of the Reference Manual, its address is the argument for B_CreateAlgorithmObject:

B_ALGORITHM_OBJ dhParamGenerator = (B_ALGORITHM_OBJ)NULL_PTR;

if ((status = B_CreateAlgorithmObject (&dhParamGenerator)) != 0) break;

Chapter 7 Public-Key Operations 249

RSA Security 5.2.2 manual Generating Diffie-Hellman Parameters, Performing Diffie-Hellman Key Agreement