Diffie-Hellman and Karn Symmetric Encryption
KarnClient.java    KarnServer.java    Karn.java    DHExchange.java    DHGenerator.java    key file

KarnClient and KarnServer implement a simple one-way communication in two steps:

  1. A shared secret is computed using the Diffie-Hellman protocol, where the public keys of the client and server are computed from the global Diffie-Hellman parameters p and g (taken from a file) and a random number that is kept secret. The format of the key file is simple: just 20 raw bytes of data, 10 for p and 10 for g.
  2. A Karn Symmetric encryption algorithm is applied to plaintext to create ciphertext and the ciphertext is sent from the client to the server. The server decrypts and displays the plaintext. The 512 bit Karn key is obtained from the shared secret.


  1. Start the server and click on the "Set Params" button. This causes the server to listen on a port number that is one higher than the one shown in the port textfield.
  2. Start the client and click on the "Set Params" button. This initiates the Diffie-Hellman exchange over said port, after which the server begins listening on the port shown in the textfield.
  3. On the client, click on the "Connect" button to make a connection with the server on that port.
  4. Type some plain text into the plaintext textfield on the client.
  5. Click "Send" on the client.

    DHGenerator: runs with an argument that is the name of a file. Computes a 10 byte random number for p and for g. The numbers are in raw byte format and are stored consecutively in the file.
    DHExchange: runs with an argument that is the name of a file. Reads p and g from that file, computes a 128 byte random BigInteger (the secret), and computes a public key from those three numbers. The secret and the public key are both accessible publicly.
    Karn: takes a secret as argument to the constructor. Returns an object from which method "encrypt" may encrypt its plaintext argument and method "decrypt" may decrypt its ciphertext argument.
    KarnClient: builds the GUI and controls the classes that deliver a ciphertext securely to the server. Also, makes the connection with the server to transmit the ciphertext. The encrypted output is a BigInteger, radix 32, and is turned into a string when transmitted.
    DHClient: responsible for completing a Diffie-Hellman exchange with the server. Uses DHExchange. Has methods setDHKey, connect, and doit which are run consecutively from KarnClient.
    KarnServer: builds the GUI and controls the classes that receive and decrypt a ciphertext from the client. Operates a socketserver on two ports - one for the exchange and one to receive messages.
    DHServer: the counterpart to DHClient. Spawns a KeyServerConnection process for completing the transaction that leads to a shared secret.
    KeyServerConnection: completes an exchange with a client.
    ServerConnection: receives and decrypts an incoming message.
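
The following is an added example, not part of the original Java sources listed above. It parses the 20-byte key file layout described in step 1, runs both sides of the Diffie-Hellman exchange with 128-byte secrets as DHExchange is described, and reports parameter checks a reviewer would want. The class name DHKeyFileCheck, its helper methods, the big-endian unsigned byte interpretation, and the random sample key file are assumptions.

```java
import java.math.BigInteger;
import java.security.SecureRandom;
import java.util.Arrays;

public class DHKeyFileCheck {
    // Key file layout from the description: 20 raw bytes, p in bytes 0-9, g in bytes 10-19.
    static BigInteger[] parseKeyFile(byte[] raw) {
        if (raw.length != 20)
            throw new IllegalArgumentException("expected 20 bytes, got " + raw.length);
        // Assumption: the bytes are big-endian and unsigned (signum 1).
        BigInteger p = new BigInteger(1, Arrays.copyOfRange(raw, 0, 10));
        BigInteger g = new BigInteger(1, Arrays.copyOfRange(raw, 10, 20));
        if (p.compareTo(BigInteger.valueOf(3)) < 0)
            throw new IllegalArgumentException("p is too small to use as a modulus");
        return new BigInteger[] { p, g };
    }

    // One side of the exchange: a 128-byte random secret and public key g^secret mod p.
    static BigInteger[] keyPair(BigInteger p, BigInteger g, SecureRandom rnd) {
        BigInteger secret = new BigInteger(128 * 8, rnd);
        return new BigInteger[] { secret, g.modPow(secret, p) };
    }

    public static void main(String[] args) {
        SecureRandom rnd = new SecureRandom();
        byte[] keyFile = new byte[20];   // constructed sample: 20 random bytes
        rnd.nextBytes(keyFile);

        BigInteger[] pg = parseKeyFile(keyFile);
        BigInteger p = pg[0], g = pg[1];
        BigInteger[] client = keyPair(p, g, rnd);
        BigInteger[] server = keyPair(p, g, rnd);

        // Each side raises the peer's public key to its own secret.
        BigInteger clientShared = server[1].modPow(client[0], p);
        BigInteger serverShared = client[1].modPow(server[0], p);

        System.out.println("p bit length:     " + p.bitLength());
        System.out.println("p probably prime: " + p.isProbablePrime(40));
        System.out.println("g in [2, p-2]:    " + (g.compareTo(BigInteger.ONE) > 0
                && g.compareTo(p.subtract(BigInteger.ONE)) < 0));
        System.out.println("secrets agree:    " + clientShared.equals(serverShared));
        // The shared secret is always below p, so it cannot exceed p's bit length.
        System.out.println("shared secret bits <= " + p.bitLength()
                + " (the Karn key is 512 bits)");
    }
}
```

The two sides agree on the shared secret for any modulus, so agreement alone says nothing about strength; that depends on p being a large prime and g a suitable generator. With a 10-byte p the shared secret holds at most 80 bits, so the 512-bit Karn key derived from it carries no more than that.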