# Diffie-Hellman key exchange

Diffie–Hellman key exchange is a method of securely exchanging cryptographic keys over a public channel and was one of the first public-key protocols as originally conceptualized by Ralph Merkle and named after Whitfield Diffie and Martin Hellman. DH is one of the earliest practical examples of public key exchange implemented within the field of cryptography.

### Cryptographic explanation

The simplest and the original implementation of the protocol uses the multiplicative group of integers modulo p, where p is prime, and g is a primitive root modulo p. These two values are chosen in this way to ensure that the resulting shared secret can take on any value from 1 to p–1. Here is an example of the protocol, with non-secret values in blue, and secret values in red.


![title](color.png)

![title](text.png)

## Imports

In [1]:
import base64
from primesieve import nth_prime
from random import randint
from Crypto.Cipher import AES

## Key Sharing

### Public numbers

In [2]:
# small prime number
g = nth_prime(50)

In [3]:
g

229

In [4]:
# large prime number
p = nth_prime(1000)

In [5]:
p

7919

### Alice and Bob

### Private number

In [6]:
a = nth_prime(randint(1, p-1))
b = nth_prime(randint(1, p-1))

In [7]:
a

32633

In [8]:
b

20117

### Public Message Transfer

#### Alice sends Bob publicly

In [9]:
alice_sends = g**a % p

#### Bob sends Alice publicly

In [10]:
bob_sends = g**b % p

### Shared Secret key

#### Alice

In [11]:
shared_secret_key_alice = bob_sends**a % p

In [12]:
shared_secret_key_alice

2579

#### Bob

In [13]:
shared_secret_key_bob = alice_sends**b % p 

In [14]:
shared_secret_key_bob

2579

In [15]:
assert shared_secret_key_alice==shared_secret_key_bob
shared_secret_key =  shared_secret_key_alice

## Encryption and Decryption

Changing the key to 16 byte

In [16]:
key = str(shared_secret_key)
key_bytes = str.encode(key.zfill(16))

In [17]:
alice_to_bob_original = str.encode('hello world how are you'.zfill(256))
cipher = AES.new(key_bytes, AES.MODE_ECB)
cipher_msg = cipher.encrypt(alice_to_bob_original)

cipher_msg is sent to the server, bob reads the cipher_msg and uses the secret key to decipher

In [18]:
decipher = AES.new(key_bytes, AES.MODE_ECB)
print(decipher.decrypt(cipher_msg))

b'00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000hello world how are you'


## Man in the middle attacks can happen