Diffie Hellman + Karn Encryption
The Client and Server implement a simple one-way communication in two
- A shared secret is computed using the Diffie-Hellman protocol,
where the public keys of the client and server are computed from
the global Diffie-Hellman p and g (that are taken
from a file) and a random number that is kept secret. The
format of the key file is simple: just 20 raw bytes of data, 10
for p and 10 for g.
- The Karn symmetric encryption algorithm is applied
to the plaintext to create ciphertext, and the ciphertext is
sent from the client to the server. The server decrypts and
displays the plaintext. The 512-bit Karn key is obtained from
the shared secret.
- In the Server frame, click on the "Set Params" button. This
causes the server to listen on a port number that is one higher
than the one shown in the port textfield and opens a file
chooser. Find the keyfile to use (download it
and open/select it.
- In the Client frame, click on the "Set Params" button. This
initiates the Diffie-Hellman exchange over said port, after which
the server begins listening on the port shown in the textfield.
- In the Client frame, click on the "Connect" button to make a connection
with the server on that port.
- Type some plain text into the plaintext textfield in the
- In the Client frame click "Send".
DHGenerator: runs with an argument that is the name of a
file. Computes a 10-byte random number for p and
for g. The numbers are in raw byte format and are stored
consecutively in the file.
DHExchange: runs with an argument that is the name of a file.
Reads p and g from that file, computes a 128-byte
random BigInteger (the secret), and computes a public key
from those three numbers. The secret and the public key are both
Karn: takes a secret as argument to the constructor. Returns
an object from which method "encrypt" may encrypt its plaintext
argument and method "decrypt" may decrypt its ciphertext argument.
KarnClient: builds the gui and controls the classes that
deliver a ciphertext securely to the server. Also, makes the
connection with the server to transmit the ciphertext. The
encrypted output is a BigInteger, radix 32, and is turned into a
string when transmitted.
DHClient: responsible for completing a Diffie-Hellman
exchange with the server. Uses DHExchange. Has methods
setDHKey, connect, and doit which are run consecutively from
KarnServer: builds the gui and controls the classes that
receive and decrypt a ciphertext from the client. Operates a
socketserver on two ports - one for the exchange and one to
DHServer: the counterpart to DHClient. Spawns a
KeyServerConnection process for completing the transaction that
leads to a shared secret.
KeyServerConnection: completes an exchange with a client.
ServerConnection: receives and decrypts an incoming message.
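
The key file format and the DHExchange computation described above, as an added example that is not the project's own code: it parses a 20-byte key file, runs both sides of the exchange with 128-byte secrets, and checks that client and server arrive at the same 512-bit key. The class and method names are hypothetical, the peer public-key range check is an addition, and deriving the Karn key with SHA-512 is an assumption, since the page does not say how the key is obtained from the shared secret.

```java
import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Arrays;

// Added example; class and method names are hypothetical, not the page's classes.
public class DhKeyFileDemo {
    static final SecureRandom RNG = new SecureRandom();
    // Key file layout from the page: 20 raw bytes, p in the first 10, g in the last 10.
    // signum 1 reads them as unsigned; otherwise a set top bit would give a negative p.
    static BigInteger[] parseKeyFile(byte[] file) {
        if (file.length != 20) throw new IllegalArgumentException("key file must be 20 bytes");
        return new BigInteger[] { new BigInteger(1, Arrays.copyOfRange(file, 0, 10)),
                                  new BigInteger(1, Arrays.copyOfRange(file, 10, 20)) };
    }

    // Encode a non-negative value below 2^(8*len) as exactly len big-endian bytes.
    static byte[] fixed(BigInteger v, int len) {
        byte[] raw = v.toByteArray(), out = new byte[len];
        int n = Math.min(raw.length, len);
        System.arraycopy(raw, raw.length - n, out, len - n, n);
        return out;
    }

    // Added check: reject peer values 0, 1 and p-1, which force a predictable secret.
    static BigInteger agree(BigInteger peerPub, BigInteger secret, BigInteger p) {
        if (peerPub.compareTo(BigInteger.TWO) < 0 || peerPub.compareTo(p.subtract(BigInteger.TWO)) > 0)
            throw new IllegalArgumentException("peer public key out of range");
        return peerPub.modPow(secret, p);
    }

    // Assumption: the 512-bit Karn key is SHA-512 of the shared secret (10 bytes, as it is < p).
    static byte[] karnKey(BigInteger shared) throws Exception {
        return MessageDigest.getInstance("SHA-512").digest(fixed(shared, 10));
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample key file; the page's DHGenerator writes random bytes instead.
        byte[] file = new byte[20];
        System.arraycopy(fixed(BigInteger.probablePrime(80, RNG), 10), 0, file, 0, 10);
        System.arraycopy(fixed(new BigInteger(64, RNG).add(BigInteger.TWO), 10), 0, file, 10, 10);
        BigInteger[] pg = parseKeyFile(file);
        BigInteger p = pg[0], g = pg[1];
        BigInteger a = new BigInteger(1024, RNG), b = new BigInteger(1024, RNG); // 128-byte secrets
        BigInteger A = g.modPow(a, p), B = g.modPow(b, p); // public keys, sent in the clear
        byte[] clientKey = karnKey(agree(B, a, p)), serverKey = karnKey(agree(A, b, p));
        System.out.println("keys match: " + Arrays.equals(clientKey, serverKey));
    }
}
```

With p limited to 10 bytes the shared secret carries at most 80 bits, so the 512-bit key is no stronger than that regardless of how it is derived.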