In [1]:
from cryptography.hazmat.primitives.asymmetric import dh

Generate safe DH parameters. Takes about 38 seconds on a default codespaces VM (Sep 2023).

In [2]:
params = dh.generate_parameters(generator=2, key_size=2048)

Generate a private key for use in the exchange. This is a number in (member of) of the group $Z^*_{p}$.

This is Alice.

In [3]:
alice_private_key = params.generate_private_key()

This is Bob.

In [4]:
bob_private_key = params.generate_private_key()

This is the shared secret (calculated from Alice's perspective).

In [5]:
shared_key = alice_private_key.exchange(bob_private_key.public_key())

Confirm generator is 2 (which is what was requested).

In [6]:
g = params.parameter_numbers().g
g == 2

True

Confirm prime is same size as what we would expect for a 2048-bit number (again, what was requested).

In [7]:
p = params.parameter_numbers().p
len(str(p))

617

In [8]:
len(str(2**2048))

617

This is Alice's private key $a$.

In [9]:
a = alice_private_key.private_numbers().x

Is there a better way to check whether a number is a member of $Z^*_p$?

In [12]:
assert a > 0 and a < p

This is Bob's public key $B$.

In [10]:
B = bob_private_key.public_key().public_numbers().y

In [11]:
type(shared_key)

bytes

Convert shared secret to an integer and compare with $g^{ab}$.

In [13]:
int.from_bytes(shared_key, "big")

16967227629721643623964810503610812062094509588983899840948633497922729007183638384407005831490718339900125083483768113921456262209289551286537758349408726168360054925915728876673136935712064424553859615289668653616495776536923454674097151176377915655611871348567249366179014654625918466623756893739040305238050888953795206048893786448605321797044588251882794975419459754038364535777665787008758222321560365461544163434191083187036397058894945491021499391701972033174819247989633639860858286649235699262456944052185630885750003136331138939704697587596884184278878499655580670056125778097286986990291475747788446190462

$B^a = (g^b)^a = g^{ab}\ mod\ p$

In [14]:
pow(B, a, mod=p) == int.from_bytes(shared_key, "big")

True

In [15]:
?pow

[0;31mSignature:[0m [0mpow[0m[0;34m([0m[0mbase[0m[0;34m,[0m [0mexp[0m[0;34m,[0m [0mmod[0m[0;34m=[0m[0;32mNone[0m[0;34m)[0m[0;34m[0m[0;34m[0m[0m
[0;31mDocstring:[0m
Equivalent to base**exp with 2 arguments or base**exp % mod with 3 arguments

Some types, such as ints, are able to use a more efficient algorithm when
invoked using the three argument form.
[0;31mType:[0m      builtin_function_or_method