Diffie Hellman密钥协议每次都会生成不同的密钥JAVA [英] Diffie Hellman key agreement generates different key every time JAVA

问题描述

我遇到了Diffie Hellman实现的问题。我正在使用此代码
http://www.java2s.com/ Tutorial / Java / 0490__Security / DiffieHellmanKeyAgreement.htm

I am experiencing a problem with Diffie Hellman implementation. I am using this code http://www.java2s.com/Tutorial/Java/0490__Security/DiffieHellmanKeyAgreement.htm

这实际上是我正在阅读的一本书中的一个例子。但我无法理解为什么 generateSecret（）为每个 KeyAgreement 创建一个不同的密钥。我注意到该函数创建了不同的键，即使我用相同的 KeyAgreement 两次调用它！
如果有人建议我会很高兴！

It is actually an example from one book I am reading. But I can't understand why generateSecret() creates a different key for every KeyAgreement. I have noticed the function creates different keys even if I call it with the same KeyAgreement twice! If someone has something to suggest I will be really glad!

感谢您的时间！

推荐答案

我认为示例中的部分

private static BigInteger g512 = new BigInteger("1234567890", 16);
private static BigInteger p512 = new BigInteger("1234567890", 16);

完全是假的。 p 需要是素数， g 需要是生成器。当我尝试运行该示例时，我得到一个异常。
这似乎是一个更合理的例子（但我尚未自己测试过。）

is completely bogus. p needs to be prime and gneeds to be a generator. When I try running the example I get an exception. This seems to be a more reasonable example (but I haven't tested it myself yet).

基本上DH交换的有趣输入是（ p，g ）需要生成的对，必须具有一些独特的属性。显然，上面的示例只显示了占位符值，这些值不会产生正确运行的算法（ p 不能等于 g 和 p 应该是素数，而在示例中它可以被10）整除。我链接的示例显示了如何使用库生成正确的（ p，g ）对。

Basically the interesting input to the DH exchange is that (p,g) pair which needs to be generated and must have some unique properties. Clearly, the example above shows just place holder values which will not produce a correctly functioning algorithm (p can not be equal to g and p should be prime, while in the example it is clearly divisible by 10). The example I linked to shows how to use the libraries to generate a correct (p, g) pair.

值得注意的是，DH参数生成通常与生成密钥分开。虽然DH参数有点私密，但它们不像您的私钥那么敏感，可以生成一次然后重复使用。

It is also worth noting that DH parameter generation is usually a separate step from generating the secret key. While DH parameters are somewhat private, they are not as sensitive as your private key and can be generated once and then reused.

（编辑：示例）

( Example)

AlgorithmParameterGenerator paramGen = AlgorithmParameterGenerator.getInstance("DH");
paramGen.init(512); // number of bits
AlgorithmParameters params = paramGen.generateParameters();
DHParameterSpec dhSpec = params.getParameterSpec(DHParameterSpec.class);

BigInteger p512 = dhSpec.getP();
BigInteger g512 = dhSpec.getG();
int l = dhSpec.getL();
...

这篇关于Diffie Hellman密钥协议每次都会生成不同的密钥JAVA的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！