Questions tagged [diffie-hellman]
The Diffie–Hellman key agreement is an anonymous, non-authenticated key-agreement protocol.
282 questions
0 votes | 0 answers | 26 views
Define DH parameters in python-mbedtls [migrated]
I'm using python-mbedtls library - https://github.com/Synss/python-mbedtls/tree/master
my goal is to create handshake with different cipher suites,
I've managed to do so with the given server and ...
1 vote | 0 answers | 40 views
Mutual Authentication after ECDH Exchange with pre-shared secrets
I'm currently building a protocol in which two parties establish a connection via ECDH Key Establishment. The shared secret after ECDH is used to derive keys (with HKDF) for symmetric encryption.
...
1 vote | 0 answers | 65 views
Minimizing trust assumptions in Messaging Protocols
As I was listening to an interview yesterday, the journalist claimed that his Signal communications were being spied on by the NSA. Whether to believe him or not is subjective. Still, it is an ...
5 votes | 1 answer | 547 views
Why do you need random number for ECDH shared key computation
Let's assume that authentication with certificates has been well performed; the next step is to generate short-term private & public ECC keys for ECDH shared key computation.
Alice: Generates keyA with ...
0 votes | 1 answer | 334 views
Why does the Public Key Info field in an X509 certificate for EC indicate the algorithm
The Subject Public Key Info field can have a value like ECDSA_P256 or ECDH_P256 when ECC is used.
Why is it not sufficient to specify "ECC_P256"? In other words, why is it not enough to ...
3 votes | 1 answer | 333 views
Benefits of the Double Ratchet protocol over the constant Ephemeral DH key exchange
I've been reading lately about the Double Ratchet protocol, how it works conceptually. I understand generally the idea behind the protocol, that it provides Forward Secrecy and Post-Compromise ...
2 votes | 1 answer | 119 views
DHE key exchange with p value 257 bytes but a pubkey of 256 bytes
I came across a packet capture in Wireshark where p length = 257 bytes and pubkey length = 256 bytes. See the ServerKeyExchange snip below:
Diffie-Hellman Server Params
p Length: 257
p: ...
5 votes | 2 answers | 7k views
Why do I get the error "dh key too small" when the RSA key is 2048 bits?
When I try to connect to the site https://api-mte.itespp.org with OpenSSL (openssl s_client -connect api-mte.itespp.org:443 -brief), it complains that the DH key is too small. But when I analyze its ...
1 vote | 2 answers | 198 views
Evading authenticated Diffie-Hellman with MITM
I understand that in a non-authenticated Diffie-Hellman setup, a man-in-the-middle attack can occur. Now I'm curious about the feasibility of the following scenario:
Let's assume a situation where www....
2 votes | 2 answers | 146 views
Can Fido2 hardware tokens be used for key agreement or Diffie-Hellman?
With Fido2 becoming more popular we see more and more affordable Fido2 hardware security keys on the market.
Can we use those tokens also for establishing a shared secret between two tokens?
I would ...
1 vote | 0 answers | 127 views
What are the ranges of values for DH parameter a and DH parameter b [closed]
I have discovered that the Diffie Hellman (DH) shared key is unequal in Apple Numbers, Google Sheets, and Mac Excel (2008).
In Section 1.0, the first try at a solution uses a small Prime to produce certain ...
1 vote | 2 answers | 161 views
Does saving of ECDHE keypairs to HSM increase security of TLS?
When ephemeral Diffie-Hellman (DHE) is used with TLS, the key-exchange key can/will be discarded after a key-exchange, right?
Is there good reason to use HSM for generating and storing DHE key, when ...
0 votes | 1 answer | 535 views
Generating AES 256 key from ECDH P-384
Is there anything wrong with hashing (with SHA256) the shared secret generated by ECDH that is 384 bits long and using that as the AES key? Is there a difference between that and, say, truncating the ...
1 vote | 0 answers | 67 views
Question regarding DH/RSA/Public key cryptography [closed]
Courses giving introduction to cryptography often refer to an example where Alice and Bob need to communicate through an evil postman, and dispose each of a lock, its key and a box in which to send ...
2 votes | 1 answer | 2k views
What's the use of HMAC or hashing in TLS or SSL inspection
In the Server hello, I got the below Cipher suite
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
Now, I know that we are using DHE for the key exchange, we are using RSA for the authentication, and AES for the ...