[GUIDE] Diffie Hellman Key Exchange

 
Old   #1
 
elite*gold: 0
Join Date: Dec 2006
Posts: 1,039
Received Thanks: 1,334

First, the Diffie Hellman (DH) Key Exchange is a cryptographic method of sharing a secret key over a public or insecure network; this key can be used to encrypt and decrypt data using symmetric key ciphers such as Blowfish, as used by CO.
In this guide I'll cover the basic concept of how DH works and how to generate keys.
I'll be using two hosts/computers for my explanation; I'll refer to them as PC1 and PC2.
Now, both PC1 and PC2 need to agree on a Prime number (P) greater than 2 and an Integer (G) which is less than P. PC1 generates the P and G and sends them over to PC2. It's not a big deal if a spy or hacker gains access to the P and G, since that's the whole idea of using DH in an insecure network. Next, both PCs generate a random secret key (let's call this X) which will never be sent over the network; X also has to be less than P-1. Now let's apply what we did.
PC1 generates P=41, G=35 and sends them over to PC2; both now have the same P and G. PC1 generates X=9, PC2 generates X=24, so that means:
Code:
PC1:		PC2:
P=41		P=41
G=35		G=35
X=9		X=24
Now we start getting our public keys and secret keys (that's different than random secret key X). First, on PC1 we get our integer and raise it to the power of our X, then we mod (modulus) by our prime number, (G^X) % P; that's now our public key. We send that public key over to PC2. Now PC2 takes that public key and raises it to the power of its own X, then mods by P again; that's our Secret Key of PC2, formula (PC1_PubKey^X) % P. Now we also do the same process on PC2 by generating the PC2 pub key using the same formula (G^X) % P and send it to PC1 and do the same and get the PC1 Secret Key using the formula (PC2_PubKey^X) % P, and that turns out to be the same public key as the one on PC2 without actually sending it over the network. Now even though this information was sent over a public/insecure network, the random secrets (X) were never sent over the network and that makes it extremely difficult to reverse these numbers. Now let's use my examples above.

Code:
PC1:		PC2:
P=41		P=41
G=35		G=35
X=9		X=24
PC1: (35^9) % 41 = 22, set that as public key and send over to PC2
PC2: (22^24) % 41 = 18, that's our Secret Key, now we generate a public key, (35^24) % 41 = 16, send it to PC1
PC1: (16^9) % 41 = 18, that's the same secret key as PC2

Code:
PC1:						PC2:
P=41						P=41
G=35						G=35
X=9						X=24

Step 1: 35^9 % 41 = 22 (Sent to PC2)		Step 2: 22^24 % 41 = 18 (Not Sent)
Step 4: 16^9 % 41 = 18 (Not Sent)		Step 3: 35^24 % 41 = 16 (Sent to PC1)

PubKey = 22					PubKey = 16
SecretKey = 18					SecretKey = 18
Hope you like it and don't forget a +Thanks



gabrola is offline  
Thanks
7 Users
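The exchange from the guide above, as an added example that is not part of the original post and not the game's code: it reproduces the P=41, G=35, X=9/24 numbers with a hand-written square-and-multiply, rejects degenerate peer public values, and shows that with a P this small the private X is found by trying every exponent. The function names are assumptions made for this sketch.

```python
import secrets

def mod_pow(base, exp, mod):
    """Square-and-multiply: (base ** exp) % mod without huge intermediates."""
    result = 1
    base %= mod
    while exp > 0:
        if exp & 1:                      # current low bit of the exponent is set
            result = (result * base) % mod
        base = (base * base) % mod
        exp >>= 1
    return result

def random_private(p):
    """The guide's X: random, never sent, less than P-1 (here 2 .. P-2)."""
    return secrets.randbelow(p - 3) + 2

def public_key(g, x, p):
    return mod_pow(g, x, p)              # (G^X) % P, sent in the clear

def shared_secret(peer_pub, x, p):
    # 0, 1 and P-1 would force a secret the whole network can predict.
    if not 2 <= peer_pub <= p - 2:
        raise ValueError("peer public key out of range")
    return mod_pow(peer_pub, x, p)       # (peer_pub^X) % P, never sent

def recover_private(g, pub, p):
    """Exhaustive search for X from public values; feasible only because P is tiny."""
    for x in range(1, p - 1):
        if mod_pow(g, x, p) == pub:
            return x
    return None

def guide_numbers():
    p, g, x1, x2 = 41, 35, 9, 24         # values from the guide
    pub1, pub2 = public_key(g, x1, p), public_key(g, x2, p)
    return pub1, pub2, shared_secret(pub2, x1, p), shared_secret(pub1, x2, p)

if __name__ == "__main__":
    print(guide_numbers())               # both sides derive the same secret
    print(recover_private(35, 22, 41))   # X falls out of the public key at this size
```

The "extremely difficult to reverse" property depends on P being very large; the 41 used here is for following the arithmetic by hand only.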
Old 02/23/2010, 21:36   #2
 
elite*gold: 20
Join Date: Jan 2008
Posts: 2,012
Received Thanks: 2,878
I don't see why this isn't sufficient?
Diffie–Hellman key exchange - Wikipedia, the free encyclopedia

Why bother posting another explanation when there already is one?


InfamousNoone is offline  
Old 02/23/2010, 21:58   #3
 
elite*gold: 0
Join Date: Dec 2006
Posts: 1,039
Received Thanks: 1,334
Never looked at the wikipedia page, they usually don't give an easy to understand explanation, but not this time.
gabrola is offline  
Old 02/23/2010, 22:48   #4
 
elite*gold: 0
Join Date: Jun 2009
Posts: 378
Received Thanks: 139
I don't believe anything on Wikipedia because it's so easy for someone to change the information and you can never be sure of its quality of material. Good explanation, Gabby. This should help noobies understand it a little more. Or not at all.


ImFlamedCOD is offline  
Old 02/24/2010, 00:12   #5
 
elite*gold: 20
Join Date: Mar 2006
Posts: 6,124
Received Thanks: 2,507
It's a good post... but I'm not sure why this is necessary.

For one thing, like inf said, it's already documented, not only on the wiki, but on hundreds/thousands of other websites.

And for another, unless you wanted to completely write your own DH Key exchange, and your own Blowfish cipher, I don't really see why this information is relevant to anyone. You can use pre-made libraries to do this sort of thing, and I would imagine that they are in most cases faster than you could make them by yourself.
Korvacs is offline  
Old 02/24/2010, 06:30   #6
 
elite*gold: 0
Join Date: Dec 2006
Posts: 1,039
Received Thanks: 1,334
It's still useful to know how these libraries work instead of just using them
gabrola is offline  
Old 06/15/2012, 15:32   #7
 
elite*gold: 0
Join Date: Apr 2012
Posts: 92
Received Thanks: 4
lol you're the best understanding method I ever met thx ya fla7 :P
Healian is offline  
Old 06/17/2012, 18:37   #8
 
elite*gold: 0
Join Date: Aug 2008
Posts: 94
Received Thanks: 19
Does that mean that G and P are only known by the server? And the server will send them to clients? Or does the client already have P and G?
And if they're only known by the server, so the only way to know them is to trick the server to connect to me via proxy... and send them to me first?
romeoromeo is offline  
Old 06/18/2012, 23:31   #9
 
elite*gold: 21
Join Date: Jul 2005
Posts: 9,193
Received Thanks: 5,350
Quote:
Originally Posted by romeoromeo
Does that mean that G and P are only known by the server? And the server will send them to clients? Or does the client already have P and G?
And if they're only known by the server, so the only way to know them is to trick the server to connect to me via proxy... and send them to me first?
P and G are sent publicly over the network. Using a proxy like you describe is called a man in the middle attack and is how the conquer proxies were written.

You generate your own P/G for the server and respond to the client's P/G with your own response.

This way you have different encryption set up to go Client<->Proxy and a separate instance going Proxy<->Server.
pro4never is offline  
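Why the two-leg setup described in the post above works against plain DH, and how authenticating the handshake exposes it, as an added example that is not part of the original post or of any Conquer code. It assumes a pre-shared key (`psk`) known only to client and server, which the protocol in this thread does not have; the relay's private value and all names are constructed, and for brevity the relay reuses the same P and G on both legs.

```python
import hashlib
import hmac

P, G = 41, 35   # the thread's toy parameters; far too small for real use

def transcript_tag(psk, client_pub, server_pub, secret):
    """MAC over the public values this side saw plus the secret it derived."""
    msg = f"{P}|{G}|{client_pub}|{server_pub}|{secret}".encode()
    return hmac.new(psk, msg, hashlib.sha256).digest()

def run_exchange(psk, client_x, server_x, relay_x=None):
    """Simulate one handshake; relay_x is an intermediary's private value, if any.

    Returns (client_secret, server_secret, tags_match).
    """
    client_pub = pow(G, client_x, P)
    server_pub = pow(G, server_x, P)
    # With an intermediary, each endpoint receives the relay's public value
    # in place of its real peer's.
    relay_pub = pow(G, relay_x, P) if relay_x is not None else None
    seen_by_client = relay_pub if relay_pub is not None else server_pub
    seen_by_server = relay_pub if relay_pub is not None else client_pub
    client_secret = pow(seen_by_client, client_x, P)
    server_secret = pow(seen_by_server, server_x, P)
    # Each endpoint tags its own view; the relay cannot forge a tag without psk.
    client_tag = transcript_tag(psk, client_pub, seen_by_client, client_secret)
    server_tag = transcript_tag(psk, seen_by_server, server_pub, server_secret)
    return client_secret, server_secret, hmac.compare_digest(client_tag, server_tag)

if __name__ == "__main__":
    psk = b"constructed-demo-psk"
    print(run_exchange(psk, 9, 24))             # direct: same secret, tags match
    print(run_exchange(psk, 9, 24, relay_x=7))  # relayed: secrets differ, tags do not match
```

Plain DH gives secrecy against a passive listener only; the endpoints need something the relay cannot produce (a pre-shared key as here, or a signature from a known public key) to notice that they are not talking to each other.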
Old 06/19/2012, 00:52   #10
 
elite*gold: 0
Join Date: Aug 2008
Posts: 94
Received Thanks: 19
Quote:
You generate your own P/G for the server and respond to the client's P/G with your own response.
Sorry, it now confuses me again...
Sender and receiver have the same P and G... then each gets a random x and sends the result of (x^p mod G), then generates the secret key? That's it?
If P and G are sent publicly... by the server? And if P and G have to be the same for both sender and receiver... and each one will generate the random x in order to get the secret key!
Why do I generate my own P & G again if they're already sent publicly?
And (if) I generate my own P and G... how can I be sure they're the same as the server's P and G?
romeoromeo is offline  
Old 06/26/2012, 20:50   #11
 
elite*gold: 0
Join Date: Dec 2011
Posts: 1,537
Received Thanks: 785
Before you look into this, learn cryptography.


I don't have a username is offline  