P
P
Practical Cryptography for Developers
SoftUniNakov.com
Search…
P
P
Practical Cryptography for Developers
Welcome
Preface
Cryptography - Overview
Hash Functions
MAC and Key Derivation
Secure Random Generators
Key Exchange and DHKE
Encryption: Symmetric and Asymmetric
Symmetric Key Ciphers
Asymmetric Key Ciphers
The RSA Cryptosystem - Concepts
RSA Encrypt / Decrypt - Examples
Exercises: RSA Encrypt / Decrypt
Elliptic Curve Cryptography (ECC)
ECDH Key Exchange
ECDH Key Exchange - Examples
Exercises: ECDH Key Exchange
ECC Encryption / Decryption
ECIES Hybrid Encryption Scheme
ECIES Encryption - Example
Exercises: ECIES Encrypt / Decrypt
Digital Signatures
Quantum-Safe Cryptography
More Cryptographic Concepts
Crypto Libraries for Developers
Conclusion
Powered By GitBook
ECDH Key Exchange - Examples
Now let's implement the ECDH algorithm (Elliptic Curve Diffie–Hellman Key Exchange) in Python.
We shall use the tinyec library for ECC in Python:
1
pip install tinyec
Copied!
Now, let's generate two public-private key pairs, exchange the public keys and calculate the shared secret:
1
from tinyec import registry
2
import secrets
3
​
4
def compress(pubKey):
5
return hex(pubKey.x) + hex(pubKey.y % 2)[2:]
6
​
7
curve = registry.get_curve('brainpoolP256r1')
8
​
9
alicePrivKey = secrets.randbelow(curve.field.n)
10
alicePubKey = alicePrivKey * curve.g
11
print("Alice public key:", compress(alicePubKey))
12
​
13
bobPrivKey = secrets.randbelow(curve.field.n)
14
bobPubKey = bobPrivKey * curve.g
15
print("Bob public key:", compress(bobPubKey))
16
​
17
print("Now exchange the public keys (e.g. through Internet)")
18
​
19
aliceSharedKey = alicePrivKey * bobPubKey
20
print("Alice shared key:", compress(aliceSharedKey))
21
​
22
bobSharedKey = bobPrivKey * alicePubKey
23
print("Bob shared key:", compress(bobSharedKey))
24
​
25
print("Equal shared keys:", aliceSharedKey == bobSharedKey)
Copied!
Run the above code example: https://repl.it/@nakov/ECDH-Key-Exchange-in-Python.
The elliptic curve used for the ECDH calculations is 256-bit named curve brainpoolP256r1. The private keys are 256-bit (64 hex digits) and are generated randomly. The public keys will be 257 bits (65 hex digits), due to key compression.
The output of the above code looks like this:
1
Alice public key: 0x66c808e6b5be6d6620934bc6ffa2b8b47f9786c002bfb06d53a0c27535641a5d1
2
Bob public key: 0x7d15195432d1ac7f38aeb054d07d9b2e1faa913b78ad04d5efdd4a1ee8d9a3191
3
Now exchange the public keys (e.g. through Internet)
4
Alice shared key: 0x90f5a1cf2ed1dbb0322178df6bb0dd72c541884618b2989a3e5e663198667a621
5
Bob shared key: 0x90f5a1cf2ed1dbb0322178df6bb0dd72c541884618b2989a3e5e663198667a621
6
Equal shared keys: True
Copied!
Due to randomization, if you run the above code, the keys will be different, but the calculated shared secret for Alice and Bob at the end will always be the same. The generated shared secret is a 257-bit integer (compressed EC point for 256-bit curve, encoded as 65 hex digits).
Previous
ECDH Key Exchange
Next
Exercises: ECDH Key Exchange
Last modified 7d ago
Copy link