# Diffie-Hellman Key Exchange

In [None]:
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import dh
from cryptography.hazmat.primitives.kdf.hkdf import HKDF
from cryptography.hazmat.primitives.serialization import (
    Encoding, ParameterFormat, PublicFormat,
    load_pem_parameters, load_pem_public_key
)

We play Alice and generate the parameters ($p$, $g$, $q$)

In [None]:
parameters = dh.generate_parameters(generator=2, key_size=1024)

In [None]:
# This is the parameter string to send to Bob 
# Bob can load with
# parameters = load_pem_parameters("...string...")
parameters.parameter_bytes(Encoding.PEM,ParameterFormat.PKCS3)

In [None]:
# Now generate the private key
private_key = parameters.generate_private_key()

In [None]:
# This is the public key to send to Bob 
# Bob can load with
# parameters = load_pem_public_key("...string...")
private_key.public_key().public_bytes(Encoding.PEM,PublicFormat.SubjectPublicKeyInfo)

In [None]:
# Here we should load Bob's public key with
# bob_public_key = load_pem_public_key("...string...")
# Since we do not have Bob, we generate Bob's key locally
bob_private_key = parameters.generate_private_key()
bob_public_key = bob_private_key.public_key()

In [None]:
# This is the shared group element
shared_key = private_key.exchange(bob_private_key.public_key())

In [None]:
# This is the shared key
# You can use derived_key to encrypt a message using any symmetric cipher
# If possible prefer an authenticated
derived_key = HKDF(
    algorithm=hashes.SHA256(),
    length=32,
    salt=None,
    info=b'some shared data',
).derive(shared_key)
derived_key

## Laboratory

Pick a classmate, decide who's Alice and who's Bob. Generate a key and send a message.
You can use email or chat to exchange the protocol messages.