NAME
Crypt::DH - Diffie-Hellman key exchange system
SYNOPSIS
use Crypt::DH;
my $dh = Crypt::DH->new;
$dh->g($g);
$dh->p($p);
## Generate public and private keys.
$dh->generate_keys;
## Send public key to "other" party, and receive "other"
## public key in return.
## Now compute shared secret from "other" public key.
my $shared_secret = $dh->compute_key( $other_pub_key );
DESCRIPTION
Crypt::DH is a Perl implementation of the Diffie-Hellman key exchange system. Diffie-Hellman is an algorithm by which two parties can agree on a shared secret key, known only to them. The secret is negotiated over an insecure network without the two parties ever passing the actual shared secret, or their private keys, between them.
THE ALGORITHM
The algorithm generally works as follows: Party A and Party B choose a property p and a property g; these properties are shared by both parties. Each party then computes a random private key integer priv_key, where the length of priv_key is at most (number of bits in p) - 1. Each party then computes a public key based on g, priv_key, and p; the exact value is
g ^ priv_key mod p
The parties exchange these public keys.
The shared secret key is generated based on the exchanged public key, the private key, and p. If the public key of Party B is denoted pub_key_B, then the shared secret is equal to
pub_key_B ^ priv_key mod p
The mathematical principles involved insure that both parties will generate the same shared secret key.
More information can be found in PKCS #3 (Diffie-Hellman Key Agreement Standard):
http://www.rsasecurity.com/rsalabs/pkcs/pkcs-3/
USAGE
Crypt::DH implements the core routines needed to use Diffie-Hellman key exchange. To actually use the algorithm, you'll need to start with values for p and g; p is a large prime, and g is a base which must be larger than 0 and less than p.
Crypt::DH uses Math::Pari internally for big-integer calculations. All accessor methods (p, g, priv_key, and pub_key) thus return Math::Pari objects, as does the compute_key method.
$dh = Crypt::DH->new
Constructs a new Crypt::DH object and returns the object.
$dh->p([ $p ])
Given an argument $p, sets the p parameter (large prime) for this Crypt::DH object.
Returns the current value of p.
$dh->g([ $g ])
Given an argument $g, sets the g parameter (base) for this Crypt::DH object.
Returns the current value of g.
$dh->generate_keys
Generates the public and private key portions of the Crypt::DH object, assuming that you've already filled p and g with appropriate values.
$dh->compute_key( $public_key )
Given the public key $public_key of Party B (the party with which you're performing key negotiation and exchange), computes the shared secret key, based on that public key, your own private key, and your own large prime value (p).
Returns the shared secret.
$dh->priv_key
Returns the private key.
$dh->pub_key
Returns the public key.
AUTHOR & COPYRIGHT
Benjamin Trott, ben@rhumba.pair.com
Except where otherwise noted, Crypt::DH is Copyright 2001 Benjamin Trott. All rights reserved. Crypt::DH is free software; you may redistribute it and/or modify it under the same terms as Perl itself.