Version 0 of Diffie-Hellman Key Agreement Protocol

Updated 2004-06-17 13:02:40 by SRIV

2004-06-17 SRIV The Diffie-Hellman key agreement protocol (also called exponential key agreement) was developed by Diffie and Hellman in 1976. The protocol allows two users to exchange a secret key over an insecure medium without any prior secrets.

Because the numbers calculated in the program are larger than what stock Tcl can handle, you must load a bignum extension. For a simple pure-Tcl demonstration, I chose to use the [MPA] extension to handle the large integers. It operates relatively slowly, so keep your numbers small, perhaps around 4 digits maximum.


You would typically run this program on two separate computers, although for testing you can simply run it twice on the same computer.

  lappend auto_path lib
  package require mpa

  #Can be any prime number  
  set prime_num 571
  #Has to be a number that is less than prime_num, typically small for speed
  set number 3

  puts -nonewline "Enter a secret number:< "
  flush stdout
  gets stdin private_val

  #Calculate public value 3 ^ $private_val mod $prime_num
  set public_val [::mpa::int::mod [::mpa::int::pow $number $private_val] $prime_num]
  puts "This is a public value that you send to your partner site:> $public_val"

  puts -nonewline "Enter the public value that you received from your partner site:< "
  flush stdout
  gets stdin public_val

  #Calculate your common key value $public_val ^ $private_val mod $prime_num
  set common_val [::mpa::int::mod [::mpa::int::pow $public_val $private_val] $prime_num]

  puts "Your commmon key value to use for encryption is:> $common_val"

Sample results from two instances

Machine #1:

 Enter a secret number:< 123
 This is a public value that you send to your partner site:> 343
 Enter the public value that you received from your partner site:< 217
 Your commmon key value to use for encryption is:> 277

Machine #2:

 Enter a secret number:< 321
 This is a public value that you send to your partner site:> 217
 Enter the public value that you received from your partner site:< 343
 Your commmon key value to use for encryption is:> 277

Note how both machines derive a common number, 277, without revealing enough information to actually calculate that common number.
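
The program above raises to the full power and only then reduces modulo the prime, which is why it needs a bignum extension and runs slowly. The following is an added example, not part of the original page or of MPA: it reduces after every multiplication (square-and-multiply) using plain expr, and range-checks the partner's public value before using it. The proc names modpow and check_public are hypothetical, and both machines are simulated in one process with the secret numbers from the sample run.

```tcl
# Added example: modular exponentiation by square-and-multiply.
# Reducing mod $mod after each multiplication keeps every intermediate
# value below mod^2, so demo-sized primes need no bignum extension.
proc modpow {base exp mod} {
    set result 1
    set base [expr {$base % $mod}]
    while {$exp > 0} {
        if {$exp & 1} {
            set result [expr {($result * $base) % $mod}]
        }
        set base [expr {($base * $base) % $mod}]
        set exp  [expr {$exp >> 1}]
    }
    return $result
}

# Hypothetical helper: accept a received public value only if it is a
# plain decimal integer in 2..prime-2. The values 0, 1 and prime-1 would
# force the common key into a tiny, predictable set.
proc check_public {value prime} {
    if {![string is digit -strict $value]} {
        error "public value is not a non-negative integer"
    }
    if {$value <= 1 || $value >= $prime - 1} {
        error "public value $value outside 2..[expr {$prime - 2}]"
    }
    return $value
}

# Same parameters as the program above (demo-sized prime)
set prime_num 571
set number    3

# Secret numbers from the sample run, one per simulated machine
set secret1 123
set secret2 321

# Each machine computes the public value it sends to its partner
set public1 [modpow $number $secret1 $prime_num]
set public2 [modpow $number $secret2 $prime_num]

# Each machine validates what it received, then derives the common key
set key1 [modpow [check_public $public2 $prime_num] $secret1 $prime_num]
set key2 [modpow [check_public $public1 $prime_num] $secret2 $prime_num]

puts "Machine #1 sends $public1, Machine #2 sends $public2"
puts "Machine #1 key: $key1  Machine #2 key: $key2"
if {$key1 != $key2} { error "common key mismatch" }
```

On Tcl 8.5 or later, expr handles arbitrarily large integers, so the same procs work unchanged with larger primes.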