Diffie-Hellman key exchange.
Alice and Bob use Diffie-Hellman key exchange to share secrets. They start with prime numbers, pick private keys, generate and share public keys, and then generate a shared secret key.
The test program supplies prime numbers p and g.
Alice picks a private key, a, greater than 1 and less than p. Bob does the same to pick a private key b.
Alice calculates a public key A.
A = g**a mod p
Using the same p and g, Bob similarly calculates a public key B from his private key b.
Alice and Bob exchange public keys. Alice calculates secret key s.
s = B**a mod p
s = A**b mod p
The calculations produce the same result! Alice and Bob now share secret s.
Python, as of version 3.6, includes two different random modules.
The module called
random is pseudo-random, meaning it does not generate
true randomness, but follows an algorithm that simulates randomness.
Since random numbers are generated through a known algorithm, they are not truly random.
random module is not correctly suited for cryptography and should not be used,
precisely because it is pseudo-random.
For this reason, in version 3.6, Python introduced the
secrets module, which generates
cryptographically strong random numbers that provide the greater security required for cryptography.
Since this is only an exercise,
random is fine to use, but note that it would be
very insecure if actually used for cryptography.
Sometimes it is necessary to raise an exception. When you do this, you should include a meaningful error message to indicate what the source of the error is. This makes your code more readable and helps significantly with debugging. Not every exercise will require you to raise an exception, but for those that do, the tests will only pass if you include a message.
To raise a message with an exception, just write it as an argument to the exception type. For example, instead of
raise Exception, you should write:
raise Exception("Meaningful message indicating the source of the error")
To run the tests, run
Alternatively, you can tell Python to run the pytest module:
python -m pytest diffie_hellman_test.py
-v: enable verbose output
-x: stop running tests on first failure
--ff: run failures from previous test before running other test cases
For other options, see
python -m pytest -h
Note that, when trying to submit an exercise, make sure the solution is in the
You can find your Exercism workspace by running
exercism debug and looking for the line that starts with
For more detailed information about running tests, code style and linting, please see Running the Tests.
Wikipedia, 1024 bit key from www.cryptopp.com/wiki. http://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange
It's possible to submit an incomplete solution so you can see how others have completed the exercise.
import unittest from diffie_hellman import private_key, public_key, secret # Tests adapted from `problem-specifications//canonical-data.json` class DiffieHellmanTest(unittest.TestCase): def test_private_key_is_greater_than_1_and_less_than_p(self): primes = [5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47] for p in primes: self.assertTrue(1 < private_key(p) < p) def test_private_key_is_random(self): """ Can fail due to randomness, but most likely will not, due to pseudo-randomness and the large number chosen """ p = 2147483647 private_keys = [private_key(p) for _ in range(5)] self.assertEqual(len(set(private_keys)), len(private_keys)) def test_can_calculate_public_key_using_private_key(self): p = 23 g = 5 private_key = 6 self.assertEqual(8, public_key(p, g, private_key)) def test_can_calculate_secret_using_other_party_s_public_key(self): p = 23 their_public_key = 19 my_private_key = 6 self.assertEqual(2, secret(p, their_public_key, my_private_key)) def test_key_exchange(self): p = 23 g = 5 alice_private_key = private_key(p) bob_private_key = private_key(p) alice_public_key = public_key(p, g, alice_private_key) bob_public_key = public_key(p, g, bob_private_key) secret_a = secret(p, bob_public_key, alice_private_key) secret_b = secret(p, alice_public_key, bob_private_key) self.assertTrue(secret_a == secret_b) if __name__ == "__main__": unittest.main()
import secrets def private_key(p): return 2 + secrets.randbelow(p - 2) def public_key(p, g, private): return pow(g, private, p) def secret(p, public, private): return pow(public, private, p)
I encountered two problems when trying to write this program. First, secrets.randbelow(p) returns an integer between [0, p), but the algorithm requires a private key from the interval (1, p). Since we are dealing with integers, this is just the same set as 2 + [0, p-2), so I used 2 + secrets.randbelow(p-2).
The second problem was that I was trying to use math.pow(public, private) % p to calculate the secret value. However, every now and then the tests would fail. I found out that math.pow(22, 22) % 23 was returning 14. However, we know from Fermat's little theorem that a^(p-1) mod p = 1 when p and a are co-prime. So 22^22 mod 23 should be 1. I believe this was happening because of the size of 22^22, which is something like 3.4e29, and so possibly the smaller significant digits are not stored.
The built-in function pow() on the other hand, accepts a third argument for the modulus. I think this performs its calculations using fast modular exponentiation. pow(22, 22, 23) returns 1