1Crypt::DH(3) User Contributed Perl Documentation Crypt::DH(3)
2
3
4
6 Crypt::DH - Diffie-Hellman key exchange system
7
9 use Crypt::DH;
10 my $dh = Crypt::DH->new;
11 $dh->g($g);
12 $dh->p($p);
13
14 ## Generate public and private keys.
15 $dh->generate_keys;
16
17 $my_pub_key = $dh->pub_key;
18
19 ## Send $my_pub_key to "other" party, and receive "other"
20 ## public key in return.
21
22 ## Now compute shared secret from "other" public key.
23 my $shared_secret = $dh->compute_secret( $other_pub_key );
24
26 Crypt::DH is a Perl implementation of the Diffie-Hellman key exchange
27 system. Diffie-Hellman is an algorithm by which two parties can agree
28 on a shared secret key, known only to them. The secret is negotiated
29 over an insecure network without the two parties ever passing the
30 actual shared secret, or their private keys, between them.
31
33 The algorithm generally works as follows: Party A and Party B choose a
34 property p and a property g; these properties are shared by both par‐
35 ties. Each party then computes a random private key integer priv_key,
36 where the length of priv_key is at most (number of bits in p) - 1. Each
37 party then computes a public key based on g, priv_key, and p; the exact
38 value is
39
40 g ^ priv_key mod p
41
42 The parties exchange these public keys.
43
44 The shared secret key is generated based on the exchanged public key,
45 the private key, and p. If the public key of Party B is denoted
46 pub_key_B, then the shared secret is equal to
47
48 pub_key_B ^ priv_key mod p
49
50 The mathematical principles involved insure that both parties will gen‐
51 erate the same shared secret key.
52
53 More information can be found in PKCS #3 (Diffie-Hellman Key Agreement
54 Standard):
55
56 http://www.rsasecurity.com/rsalabs/pkcs/pkcs-3/
57
59 Crypt::DH implements the core routines needed to use Diffie-Hellman key
60 exchange. To actually use the algorithm, you'll need to start with val‐
61 ues for p and g; p is a large prime, and g is a base which must be
62 larger than 0 and less than p.
63
64 Crypt::DH uses Math::BigInt internally for big-integer calculations.
65 All accessor methods (p, g, priv_key, and pub_key) thus return
66 Math::BigInt objects, as does the compute_secret method. The acces‐
67 sors, however, allow setting with a scalar decimal string, hex string
68 (^0x), Math::BigInt object, or Math::Pari object (for backwards compat‐
69 ibility).
70
71 $dh = Crypt::DH->new([ %param ]).
72
73 Constructs a new Crypt::DH object and returns the object. %param may
74 include none, some, or all of the keys p, g, and priv_key.
75
76 $dh->p([ $p ])
77
78 Given an argument $p, sets the p parameter (large prime) for this
79 Crypt::DH object.
80
81 Returns the current value of p. (as a Math::BigInt object)
82
83 $dh->g([ $g ])
84
85 Given an argument $g, sets the g parameter (base) for this Crypt::DH
86 object.
87
88 Returns the current value of g.
89
90 $dh->generate_keys
91
92 Generates the public and private key portions of the Crypt::DH object,
93 assuming that you've already filled p and g with appropriate values.
94
95 If you've provided a priv_key, it's used, otherwise a random priv_key
96 is created using either Crypt::Random (if already loaded), or
97 /dev/urandom, or Perl's rand, in that order.
98
99 $dh->compute_secret( $public_key )
100
101 Given the public key $public_key of Party B (the party with which
102 you're performing key negotiation and exchange), computes the shared
103 secret key, based on that public key, your own private key, and your
104 own large prime value (p).
105
106 The historical method name "compute_key" is aliased to this for compat‐
107 ibility.
108
109 $dh->priv_key([ $priv_key ])
110
111 Returns the private key. Given an argument $priv_key, sets the
112 priv_key parameter for this Crypt::DH object.
113
114 $dh->pub_key
115
116 Returns the public key.
117
119 Benjamin Trott, ben@rhumba.pair.com
120
121 Brad Fitzpatrick, brad@danga.com
122
123 Except where otherwise noted, Crypt::DH is Copyright 2001 Benjamin
124 Trott. All rights reserved. Crypt::DH is free software; you may redis‐
125 tribute it and/or modify it under the same terms as Perl itself.
126
127
128
129perl v5.8.8 2005-06-11 Crypt::DH(3)