Help in finding of Diffie-Hellman coding

zape

hi, currently i am looking for Diffie-Hellman key exchange and PAKE (password authenticated key exchange). I was wondering if any one could be so kind to direct me to a site whereby i could see the actual coding of such algo in PHP format

Thanks in advanced for ur help 🙂

bpat1434

I don't know of any sites that do this, but I do know that the [man]mcrypt[/man] or [man]mhash[/man] libraries of PHP can do similar....

Also see this document about the Diffie-Hellman-Merkle key exchange....

And the book Pro PHP Security by Chris Snyder and Michael Southwell published by Apress (R) gives a simple example as reproduced below:

Pro PHP Security wrote:
We illustrate with a highly simplified version of the Diffie-Hellman-Merkle algorithm. One side chooses a base, a number between 1 and 256 in our simplified version, and sends that base to the other side. Each side determines a secret number to use as an exponent with the base. In pseudo-code, using PHP's pow() function for computing an exponent:
$myResult = pow( $ourBase, $mySecretExponent );
Concretely, if we agree to use a value of 3 for $ourBase, and I choose 3 as $mySecretExponent, then $myResult will be 27. If you choose 2 as $yourSecretExponent, then $yourResult will be 9. Now we each send our result to the other side. Each side takes the number it receives from the other and uses it as the base when performing the same operation with its own secret exponent. The result will be exactly the same number for each:
$ourKey = pow( $yourResult, $mySecretExponent );
Concretely, your 9 with my exponent 3 yields a key of 729. My 27 with your exponent 2 yields the same key, 729. This key is known only to the two of us. An attacker can intercept any of our messages (only three are needed, to transfer the base and each result), but without guessing one of our secret exponents (a 1-in-256 chance in our simple version), he can't generate the same key (and without that key, he can't decrypt our messages).
In reality, of course, the Diffie-Hellman-Merkle algorithm makes use of much larger numbers and a somewhat more complicated mathematical technique, but the net result is the same. Both sides transform simple, plaintext information sent over public channels to arrive at a shared secret, which is then converted into a key for use with a symmetric encryption algorithm so that the conversation can continue in private.

So you'd want to use a symmetric encryption technique with this idea of a shared key. Those would be 3DES, AES, Blowfish, RC4.

As for PAKE, I got nothing....