Cryptography Python: Diffie-Hellman key exchange implementation
Im currently trying to build an implementation of the Ephemeral Diffie-Hellman algorithm using the python cryptography module. It's important for our purposes that the users are authenticated. Both Alice and Bob have a public-private key pair and a certificate signed by a certificate authority to be able to verify their public key and link it to their identity.
Using Authenticated DH means that the sent messages (see image) will be signed using the above private key.
The documentation on DH using the python cryptography library can be found here: https://cryptography.io/en/latest/hazmat/primitives/asymmetric/dh/
However, I can not seem to understand what the described exchange function actually does. Is anyone able to explain to me where to situate it in the DH-algorithm? Preferably using the analogy of the following image:
Thanks in advance!
In their example (from the POV of Alice) the private_key is the orange paint, and peer_public_key is the light blue paint. shared_key is the brown paint at the end. That means of course that you need to do this twice, once for Bob, and once for Alice.
Example code in python2:
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives.asymmetric import dh
parameters = dh.generate_parameters(generator=2, key_size=512, backend=default_backend())
a_private_key = parameters.generate_private_key()
a_peer_public_key = a_private_key.public_key()
b_private_key = parameters.generate_private_key()
b_peer_public_key = b_private_key.public_key()
a_shared_key = a_private_key.exchange(b_peer_public_key)
b_shared_key = b_private_key.exchange(a_peer_public_key)
print 'a_secret: '+a_shared_key
print 'b_secret: '+b_shared_key
- Python method chaining in functional programming style
- flask-jwt-extended: Fake Authorization Header during testing (pytest)
- For loop through the list unless empty?
- Polars make all groups the same size
- Is there a way to specify a default base-template for all templates in django?
- How to tackle time limit exceeded error in leetcode
- Is pd.get_dummies() updated in newer versions of Pandas making it default to Booleans (True/False) instead of (0/1)?
- What's the function like sum() but for multiplication? product()?
- How to type hint a dynamically-created dataclass
- Issue with pulling the data with EIA API with Python
- 403 Forbidden Error when scraping a site, user-agents already used and updated. Any ideas?
- Fullstack web-hosting services
- How to handle an AnalysisException on Spark SQL?
- Python requests is slow and takes very long to complete HTTP or HTTPS request
- Is there a way to modify an element in a Numpy array based on the value of other elements?
- Tkinter grid manager height/width nonconsistent
- Sql Alchemy Insert Statement failing to insert, but no error
- How can I create a Polars struct while eval-ing a list?
- Excel using win32com and python
- django: on pypy, psyco, unladen swallow or cpython, which one is the fastest?
- How convert a list into multiple columns and a dataframe?
- Name not defined in type annotation
- Static type checkers and Language Servers not recognizing attributes of objects that are subclasses
- How do I get multiple OID values in PySNMP?
- how to log a file in Django
- Is there a simple and efficient way to evaluate Elementary Symmetric Polynomials in Python?
- Iterating over two lists one after another
- Python -i flag for production
- What is PyCompilerFlags in Python C API?
- How to make Python check whether a variable is a number or letter