# Diffie-Hellman key exchange

The following is a simple implementation of the classic [Diffie-Hellman key exchange](https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange) cryptographic protocol.

In [9]:
# Public information:
p = Primes()[10^3 + randint(1,10000)] # random prime
g = randint(2, p-1) # random integer

print("Public key: p =", p, "and g =", g, "\n")

a = randint(2, p-1) # Only Alice knows this
b = randint(2, p-1) # Only Bob knows this

print("[[ Alice's secret key: a =", a, "]]")
print("[[ Bob's secret key: b =", b, "]]", "\n")

h1 = (g^a) % p # Alice sends this to Bob
h2 = (g^b) % p # Bob sends this to Alice

print("Alice sends h1 =", h1, "to Bob")
print("Bob sends h2 =", h2, "to Alice", "\n")

secret_a = (h2^a) % p # Alice can compute this because she knows a
secret_b = (h1^b) % p # Bob can compute this because he knows b

print("Alice computed", secret_a, "using h2 and her secret a")
print("Bob computed", secret_b, "using h1 and his secret b")

Public key: p = 20747 and g = 13428 

[[ Alice's secret key: a = 12403 ]]
[[ Bob's secret key: b = 17642 ]] 

Alice sends h1 = 14710 to Bob
Bob sends h2 = 10680 to Alice 

Alice computed 10455 using h2 and her secret a
Bob computed 10455 using h1 and his secret b


## General Diffie-Hellman

The following code is an implementation of a generic Diffie-Hellman key exchange protocol that uses a group $G$ instead of $(\mathbb Z/p \mathbb Z)^\times$.

In [24]:
def genericDH(G):
    if G.cardinality() == 1:
        print("Group is trivial, can't do anything")
        return
    g = G.random_element()
    while g == G.identity(): # Make sure g is not trivial
        g = G.random_element()
        
    print("Public key:\nG =", G, "\ng =", g, "\n")
    
    a = randint(2, G.exponent()-1) # Only Alice knows this
    b = randint(2, G.exponent()-1) # Only Bob knows this

    print("[[ Alice's secret key: a =", a, "]]")
    print("[[ Bob's secret key: b =", b, "]]", "\n")
    
    # "Ternary operator", I did not explain this
    # https://docs.python.org/3/reference/expressions.html#conditional-expressions
    h1 = g^a if G.is_multiplicative() else a*g # Alice sends this to Bob
    h2 = g^b if G.is_multiplicative() else b*g # Bob sends this to Alice

    print("Alice sends h1 =", h1, "to Bob")
    print("Bob sends h2 =", h2, "to Alice", "\n")
    
    secret_a = h2^a if G.is_multiplicative() else a*h2 # Alice can compute this because she knows a
    secret_b = h1^b if G.is_multiplicative() else b*h1 # Bob can compute this because he knows b

    print("Alice computed", secret_a, "using h2 and her secret a")
    print("Bob computed", secret_b, "using h1 and his secret b")
    
E = EllipticCurve(GF(157), [1,-1])
G = E.abelian_group()
genericDH(G)

Public key:
G = Additive abelian group isomorphic to Z/171 embedded in Abelian group of points on Elliptic Curve defined by y^2 = x^3 + x + 156 over Finite Field of size 157 
g = (155 : 60 : 1) 

[[ Alice's secret key: a = 141 ]]
[[ Bob's secret key: b = 158 ]] 

Alice sends h1 = (29 : 125 : 1) to Bob
Bob sends h2 = (60 : 59 : 1) to Alice 

Alice computed (109 : 94 : 1) using h2 and her secret a
Bob computed (109 : 94 : 1) using h1 and his secret b


# Numerical methods for PDEs