TweedleDH – Diffie-Hellman key exchange over Twitter (and other means)
This tool runs as a localhost web server and lets you generate a shared secret with a friend. This secret can be used as a key for Sealed with a Tweet or other symmetric encryption tools (e.g. a password for a zip file).
There’s a tutorial at http://j.mp/privacy4dummies. Here’s a pictorial summary:
DH stands for the Diffie-Hellman key exchange. It’s a neat trick that lets 2 people (say, Alice and Bob) generate a shared secret by exchanging public keys. Even if evil Eve is eavesdropping on that communication and knows both public keys, she can’t compute the shared secret from them.
What’s a tweedle?
A tweedle is a couple of urls (called TweedleD and TweedleH). Each is about 100 characters long, which makes them short enough for a tweet or direct message (DM). Together, they define a DH public key.
Both tweedle urls point to http://loclalhost:89331 which is the TweedleDH application running on your own computer. if Bob visits both of Alice’s TweedleD and TweedleH urls while his TweedleDH app is running (doesn’t matter in which order he visits them), he’ll be able to see the shared secret.
This doesn’t mean that Alice knows it yet. Bob will have to tweet [or otherwise send] his tweedle urls to Alice so that she can visit them (actually, she’ll visit her own TweedleDH app) and get the shared secret too.
How to install
- You need to have Python installed on your machine. On most modern platforms (including many phones), it already is, but if you have Windows, ActiveState Python seems to be less of a hassle to work with than the python.org distribution (or so they say).
- You’ll need to install Web.py
- If you’re on Windows, you’ll also need winrandom-ctype
- Download TweedleDH to a folder (e.g. c:\mystuff if you’re on Windows) and extract the .zip or .tgz file there. This will create a folder with a name like thedod-tweedledh-a5a7102. You can rename it to tweedledh or anything else if you want.
How to use
- Open a shell window (or cmd or terminal or whatever it’s called on your OS).
- Change to the directory that contains tweedledh.py (e.g.
cd \mystuff\tweedledhfrom the C:\> prompt on Windows).
- Run the script by typing
python tweedledh.py(if you’re using ActiveState Python on Windows, just type
- once the server is up, you’ll see the message
http://127.0.0.1:8933/. This means you can now access TweedleDH from your browser.
- If you already have tweedle urls sent to you by your friend, visit then both. Otherwise, simply go to http://127.0.0.1:8933 (the “civilized” notation – http://localhost:8933 – will also work).
- From then on, it should be self explanatory (please let me know if it isn’t).
- To stop the server, hit Ctrl+C.
1 8933 is twee on a telephone’s keypad. It is not advised to change the port because you and your friend will be generating urls for each othe to visit, and it kinda breaks down if you’re on different ports.