this is a prebuilt version of the
application so let's
go ahead and start the server
and two clients
now the diffie-hellman key exchange
method allows two parties Alice and Bob
that have no prior knowledge of each
other to jointly establish a shared
secret key over an unsecure network so
Passive Eve here can see all their
communications so p here is a prime
number and alpha is a primitive root
modulo p and Alice and Bob agree to use
p equal to 23 and alpha is equal to 5
and for the purpose of this tutorial i
had the first user that logs-in enter
those values
so Alice chooses a secret key and sends
Bob the calculated public key
A and Bob does the same thing he chooses
a secret key and sends Alice the
calculated public key B so
A is congruent to alpha^a
mod p so we end up with
4 mod 23 and B is congruent to
alpha ^ b mod p so we end up with 10 mod 23
now Alice computes the shared secret
key s and Bob does same thing so for
Alice s is congruent to B^a
mod p so 18 mod 23 and for Bob s is
congruent to A^b mod p so
the same thing 18 mod 23 so Alice and
Bob now share a secret key which is the
number 18 mod 23 and only 
a and b and the
computed shared secret key are kept
secret and all other values so p and
alpha and A and B
are sent in the clear so Eve
Passive Eve can see them now much larger
values of a, b and p would be
needed to make this example secure and
Eve needs to solve the discrete
logarithm problem in order to find
a or b and then
use that to calculate the shared secret
key and for large numbers this is very
hard to do
next and before proceeding with the code
let's do a quick introduction so we will
be using the multiplicative cyclic group
Z*p where p is prime alpha is a
group generator and we have two secret
keys a and b and
possible values for those are 2 to
p-2 so what is a group what is a
cyclic group what is a group generator
and why do we start here from 2 to
p-2 instead of from 1 to p-1
and how is the concept of a group, cyclic
group, group generator all that related
to the discrete logarithm problem and
how is that in turn related to the
diffie-hellman problem so a group G with
multiplication operation is made up of a
set G with binary operation
multiplication on G where the group
operation is closed and that means that
if we have a and B in G then if we
multiply those two we end up with C
which is also in G and the group
operation is associative and that means
that multiplying a times B times C is
the same as multiplying a times b times
c for all a b c in G and there is an
identity element 1 in G where a
times 1 is equal 1 times a is equal a
for all a in G and for each a in G there
exists an element a-1 in G also
and this would be the inverse of a where
a times a-1 is equal a-1
times a is equal to a
and a group G is abelian or
commutative if a times b is equal b
times a for all a b in G so now we know
what a group is next what is a cyclic
group and what is a group generator so
we have this group G Star 13 that starts
with 1 and ends in p minus 1 in 12 and
we're saying that alpha is equal 2 is a
group generator in mod 13 so if we take
alpha to the power of 1 we end up with 2
alpha to the power of 2 we end up with 4
etc until 2 to the power of 12 we end up
with 1 and if we go over those numbers
it turns out that they are this group G
Star 13 so alpha is equal to 2 generates
this group and same thing for alpha is
equal to 6 7 and 11
there are all generators of this entire
group G Star 13 and now the cyclic part
if we go here so we have we start from 2
we end with 1 and then if we go 2 to the
power of 13 we start again from 2 and we
end in 1 for 2 to the power of 24
and then again for 2 to the power of 25
we start from 2 & for 2 to the power of 36
we end with 1 so this is the cyclic part
we're cycling back through those numbers
in this group
next let's do a quick proof of the
diffie-hellman key exchange so we had
both public keys A
and B
A ^ b and B ^ a and
they both generated the common keys for
Alice and Bob and we want to show that
those two common keys are actually the
same
so A ^ b it's the same as
alpha ^ a to the power of b
and then so we move a and b
together so alpha to the power of a
times B then we flip them so alpha to the
power of b times a and then we take
alpha to the power of b to the power of a
and so we replace alpha to the power of
b with B so we end up with
this B to the power of a
so this one is the same as
this one now somebody that is passively
monitoring the communication between
Alice and Bob has to solve the discrete
logarithm problem in order to discover
the common key that they both generated
and this problem is that given p and
beta and Z star p and a generator
alpha what is x where alpha to the power
of x is congruent to beta mode p and if
p is large enough this is a
computationally very hard problem now
the diffie-hellman problem is that we
know the generator alpha the prime
number p and both public keys
A and B and we don't know the
private keys a and b
and the common key that was generated
and our goal is to obtain that common
key which is equal to
alpha ^ (a times b)
and one way to solve the diffie-hellman
problem is to compute a from
A or b from B
using discrete logarithm but it is not
proven that solving the discrete
logarithm problem is the only way of
solving the Diffie-Hellman problem and we
can generalize the discrete logarithm
problem so that instead of the operator
on that the group is multiplication we
can also have addition as an operator so
alpha is a generator and beta is in G
and we need to find x where beta is
equal alpha this would be either
multiplication or addition times alpha
etc x times and if we have
multiplication it would be alpha to the
power of x and if we have addition it
will be x times alpha and addition
is what we use with elliptic curves and
next let's quickly go over why we
pick the secret keys from 2 to p minus 2
and we don't use 1 or p minus 1 in
practice and we do that since for G with
multiplication operation we have alpha
alpha to the power of 2 alpha to the
power of 3 etc alpha to the power of p
minus 1 they generate this group and if
we use fermat little theorem we know that
alpha to the power of
p is congruent to alpha mode p which
means that alpha to the power of p minus
1 is congruent to 1 in mode p and for a
is equal p minus 1 then A will
be equal to 1 and Eve can conclude that
the secret key a is equal to p
minus 1 and if for a for lowercase a is
equal to 1
we'll get A is equal to
alpha and if Eve sees that she can conclude
that the secret key a is equal to 1
I will start by creating a new
project
and I downloaded this package that we
will need for doing JSON so we will go
to properties and Java build path
and the code will be in two packages one
for the server code and another one for
the client code now on the server side
we will have two classes a server class
with a main method and a server thread
class
that will extend from thread and
overwrite the run method
and on the client side we will have
three classes a client class with a
main method and an incoming message
thread class
and an outgoing message thread class
and those two classes will extend
thread and override the run method
now the server thread will have a server
and the BufferedReader and a PrintWriter
instance variables and we will
initialize those in the constructor so
it takes in a socket and a server and we
use the socket to pick up a buffered
reader so first we do socket dot get
input stream and then we use that
instance to pick up an input stream
reader and we use that to pick up a
buffered reader and also we use a socket
to get an output stream and we use that
to pick up a print writer
and for the server class
it will be listening for connections on
this port and accept those connections
with the accept method here and here we
will have a set of server threads for
the clientd that this server is
interacting with
and here we indicate that Passive
Eve can see all communications of this server
and here we instantiate a server thread
for each client and we put that thread
in the set of server threads and then
we call the start method on that
server thread instance and when the operating
system decides to execute that thread it
will end up calling this run method and
we will have a get method for the server
threads and we will have this method
that forwards the message incoming from
one client to the other client so it
checks if this is different than the
originating server thread and it goes
ahead and forwards the message so let's
have a forward message method here
and this is the implementation of the
run method
so the server will open up the JSON
message sent from Alice to Bob or the
other way around and all what it is
doing here is displaying the content of
those messages so p and alpha and
A and B for the
public keys and what Alice needs to
calculate in order to obtain the common
key which is very hard if the numbers
are very big so this should do it for
the server side and next we'll do
the client side now here we will keep
track of the prime number p and the
generator alpha and the private key and
the name so Alice or Bob and the public
key name so A or B
for Alice and Bob and the public key value
and we will instantiate a client
instance and the server for the purpose
of this tutorial is gonna be on
localhost and this is the port where the
server is listening and the client will
use this class to pick up incoming
messages
so the constructor takes in a socket and
a client instance and it uses those to
initialize the client instance
variable and buffered reader instance
variable so it does socket dot get input
stream and use that to get the input stream
reader instance and use that to pick up
a buffered reader instance and this is the
class that client uses to handle
outgoing messages
so the constructor takes in a socket and
a client instance and uses the
socket to pick up an output stream and
then use that to pick up a print
writer which would be an instance
variable so now going back to the client
it will have two threads for sending and
receiving messages and what remains in
this class are get and set methods and
in the incoming message thread this is
the implementation of the run method
so here we're reading the content of the
JSON message and if it contains p and
alpha then we set those in the client
instance otherwise if it contains the
public key then we set that public key
name and value in the client also and
this handles the common key and in the
outgoing message thread class this
method initializes the domain parameters
p and alpha so for the purpose of this
tutorial I had the first person who logs
in enter those values so after picking
up those values we create a JSON object
and we put in it the name of the client
so either Alice or Bob and the value for
p and for alpha and this method prompts
the user for a private key between 2 and
p minus 2 and picks that up and
calculate the public key and display
some messages and put that public key in
a JSON object to be sent to the other
client
and this method calculates the common
key so we do that here and we display it
here and we create a JSON object to
inform the other client that we have our
common key and we are ready for
communications encrypted
communications
and finally this is the code for the run
method
so first we call the init domain
params and then we call calculate public
key and then we call the calculate
common key method and finally let's go
ahead and test run the application
we will have two clients
this is the first one
and this is the second one and let's say
p is 467 and alpha is 2
and a is 228
and b is 57
so the common key is 206 in mod 467 and
let's start
two more clients
and let's keep p as 467 and alpha as
2
and let's do a is 3 and b is 5
so the common key calculated is 78
mod 467
