The Diffie-Hellman is a key exchange algorithm, which we securely exchanging keys over a public network and was one of the first public-key protocols as conceived by Ralph Merkle and named after Whitfield Diffie and Martin Hellman.DH is one of the earliest practical examples of public key exchange implemented within the field of cryptography.also this tutorial we will perform a man in the middle attack against a DH key exchange algorithm. The attacker takes up a position between two people. Now we see real security threat of Diffie hellman, but this type of attack also called a bucket bridge attack. we need to know about the basic calculation of Diffie hellman its simply k=gx mod n, this calculation is help to the generating key.example, the assume two people namely Alice and bob, tom is middle man in communication media. when Alice and Bob are exchanging symmetric keys on the public channel then tom tries to access or hold and capture keys. for the Alice tom act as a bob and for the bob tom act as an Alice. now we see this theory practically below.
n=353 #prime number
g=3 #an integer
xa=97 #alice private key
xb=233 #bob privaet key
aliceSends = (g**xa)%n
bobSends = (g**xb)%n
print ("alice sends public key=",aliceSends)
print ("alice sends public key=",bobSends)
After they exchange public keys, each can compute the common secrete key:
K1= (bobSends**xa)%n
K2= (aliceSends**xb)%n
print ("alice compute", K1)
print ("bob compute", K2)
Now we applied Man in the middle attack on Diffie-hellman
assume the tom is attacker which try access key Alice and bob
tom generates two private key and tom know about n and g value
xtom1= 23 # Random number 1
xtom2= 92 # Random number 2
for_alice_public_key=(g**xtom1)%n
for_bob_public_key=(g**xtom2)%n
print("tom generate public key for alice",for_alice_public_key)
print("tom generate public key for bob",for_bob_public_key)
as we know tom is the middle person of Alice and bob in communication media and tom tries to capture the public key of Alice and bob, And stop the exchange key. then tom shares its own generate the public key to Alice and bob. the original key calculates by tom.
print ("tom get alice key ", aliceSends)
print ("tom get bob key ", bobSends)
After getting the public key, tom send the fake public key to Alice and bob
then Alice and bob is calculating them
alice_calculate_private_key=(for_bob_public_key**xa)%n
tom_calculate_for_alice_private_key=(aliceSends**xtom2)%n
bob_calculate_private_key=(for_alice_public_key**xb)%n
tom_calculate_for_bob_private_key=(bobSends**xtom1)%n
Now Tom got Alice and bob private key for decode the any packet or message
print("tom pribvate key for alice =",alice_calculate_private_key)
print("alice pribvate key =",tom_calculate_for_alice_private_key)
print("--------------------------------------------------------")
print("tom pribvate key for bob =",bob_calculate_private_key)
print("bob pribvate key =",tom_calculate_for_bob_private_key)