GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  CRYPT::PK::DH (3)

.ds Aq ’

NAME

Crypt::PK::DH - Public key cryptography based on Diffie-Hellman

CONTENTS

SYNOPSIS



 ### OO interface

 #Encryption: Alice
 my $pub = Crypt::PK::DH->new(Bob_pub_dh1.key);
 my $ct = $pub->encrypt("secret message");
 #
 #Encryption: Bob (received ciphertext $ct)
 my $priv = Crypt::PK::DH->new(Bob_priv_dh1.key);
 my $pt = $priv->decrypt($ct);

 #Signature: Alice
 my $priv = Crypt::PK::DH->new(Alice_priv_dh1.key);
 my $sig = $priv->sign_message($message);
 #
 #Signature: Bob (received $message + $sig)
 my $pub = Crypt::PK::DH->new(Alice_pub_dh1.key);
 $pub->verify_message($sig, $message) or die "ERROR";

 #Shared secret
 my $priv = Crypt::PK::DH->new(Alice_priv_dh1.key);
 my $pub = Crypt::PK::DH->new(Bob_pub_dh1.key);
 my $shared_secret = $priv->shared_secret($pub);

 #Key generation
 my $pk = Crypt::PK::DH->new();
 $pk->generate_key(128);
 my $private = $pk->export_key(private);
 my $public = $pk->export_key(public);

 ### Functional interface

 #Encryption: Alice
 my $ct = dh_encrypt(Bob_pub_dh1.key, "secret message");
 #Encryption: Bob (received ciphertext $ct)
 my $pt = dh_decrypt(Bob_priv_dh1.key, $ct);

 #Signature: Alice
 my $sig = dh_sign_message(Alice_priv_dh1.key, $message);
 #Signature: Bob (received $message + $sig)
 dh_verify_message(Alice_pub_dh1.key, $sig, $message) or die "ERROR";

 #Shared secret
 my $shared_secret = dh_shared_secret(Alice_priv_dh1.key, Bob_pub_dh1.key);



METHODS

    new



  my $pk = Crypt::PK::DH->new();
  #or
  my $pk = Crypt::PK::DH->new($priv_or_pub_key_filename);
  #or
  my $pk = Crypt::PK::DH->new(\$buffer_containing_priv_or_pub_key);



    generate_key

Uses Yarrow-based cryptographically strong random number generator seeded with random data taken from /dev/random (UNIX) or CryptGenRandom (Win32).



 $pk->generate_key($keysize);
 ### $keysize (in bytes) corresponds to DH params (p, g) predefined by libtomcrypt
 # 96   =>  DH-768
 # 128  =>  DH-1024
 # 160  =>  DH-1280
 # 192  =>  DH-1536
 # 224  =>  DH-1792
 # 256  =>  DH-2048
 # 320  =>  DH-2560
 # 384  =>  DH-3072
 # 512  =>  DH-4096



    import_key

Loads private or public key (exported by export_key).



  $pk->import_key($filename);
  #or
  $pk->import_key(\$buffer_containing_key);



    export_key



 my $private = $pk->export_key(private);
 #or
 my $public = $pk->export_key(public);



    encrypt



 my $pk = Crypt::PK::DH->new($pub_key_filename);
 my $ct = $pk->encrypt($message);
 #or
 my $ct = $pk->encrypt($message, $hash_name);

 #NOTE: $hash_name can be SHA1 (DEFAULT), SHA256 or any other hash supported by Crypt::Digest



    decrypt



 my $pk = Crypt::PK::DH->new($priv_key_filename);
 my $pt = $pk->decrypt($ciphertext);



    sign_message



 my $pk = Crypt::PK::DH->new($priv_key_filename);
 my $signature = $priv->sign_message($message);
 #or
 my $signature = $priv->sign_message($message, $hash_name);

 #NOTE: $hash_name can be SHA1 (DEFAULT), SHA256 or any other hash supported by Crypt::Digest



    verify_message



 my $pk = Crypt::PK::DH->new($pub_key_filename);
 my $valid = $pub->verify_message($signature, $message)
 #or
 my $valid = $pub->verify_message($signature, $message, $hash_name);

 #NOTE: $hash_name can be SHA1 (DEFAULT), SHA256 or any other hash supported by Crypt::Digest



    sign_hash



 my $pk = Crypt::PK::DH->new($priv_key_filename);
 my $signature = $priv->sign_hash($message_hash);



    verify_hash



 my $pk = Crypt::PK::DH->new($pub_key_filename);
 my $valid = $pub->verify_hash($signature, $message_hash);



    shared_secret



 # Alice having her priv key $pk and Bobs public key $pkb
 my $pk  = Crypt::PK::DH->new($priv_key_filename);
 my $pkb = Crypt::PK::DH->new($pub_key_filename);
 my $shared_secret = $pk->shared_secret($pkb);

 # Bob having his priv key $pk and Alices public key $pka
 my $pk = Crypt::PK::DH->new($priv_key_filename);
 my $pka = Crypt::PK::DH->new($pub_key_filename);
 my $shared_secret = $pk->shared_secret($pka);  # same value as computed by Alice



    is_private



 my $rv = $pk->is_private;
 # 1 .. private key loaded
 # 0 .. public key loaded
 # undef .. no key loaded



    size



 my $size = $pk->size;
 # returns key size in bytes or undef if no key loaded



    key2hash



 my $hash = $pk->key2hash;

 # returns hash like this (or undef if no key loaded):
 {
   type => 0,   # integer: 1 .. private, 0 .. public
   size => 256, # integer: key size in bytes
   name => "DH-2048", # internal libtomcrypt name
   x => "FBC1062F73B9A17BB8473A2F5A074911FA7F20D28FB...", #private key
   y => "AB9AAA40774D3CD476B52F82E7EE2D8A8D40CD88BF4...", #public key
}



FUNCTIONS

    dh_encrypt

DH based encryption as implemented by libtomcrypt. See method encrypt below.



 my $ct = dh_encrypt($pub_key_filename, $message);
 #or
 my $ct = dh_encrypt(\$buffer_containing_pub_key, $message);
 #or
 my $ct = dh_encrypt($pub_key_filename, $message, $hash_name);

 #NOTE: $hash_name can be SHA1 (DEFAULT), SHA256 or any other hash supported by Crypt::Digest



Encryption works similar to the Crypt::PK::ECC encryption whereas shared DH key is computed, and the hash of the shared key XOR’ed against the plaintext forms the ciphertext.

    dh_decrypt

DH based decryption as implemented by libtomcrypt. See method decrypt below.



 my $pt = dh_decrypt($priv_key_filename, $ciphertext);
 #or
 my $pt = dh_decrypt(\$buffer_containing_priv_key, $ciphertext);



    dh_sign_message

Generate DH signature as implemented by libtomcrypt. See method sign_message below.



 my $sig = dh_sign_message($priv_key_filename, $message);
 #or
 my $sig = dh_sign_message(\$buffer_containing_priv_key, $message);
 #or
 my $sig = dh_sign_message($priv_key, $message, $hash_name);



    dh_verify_message

Verify DH signature as implemented by libtomcrypt. See method verify_message below.



 dh_verify_message($pub_key_filename, $signature, $message) or die "ERROR";
 #or
 dh_verify_message(\$buffer_containing_pub_key, $signature, $message) or die "ERROR";
 #or
 dh_verify_message($pub_key, $signature, $message, $hash_name) or die "ERROR";



    dh_sign_hash

Generate DH signature as implemented by libtomcrypt. See method sign_hash below.



 my $sig = dh_sign_hash($priv_key_filename, $message_hash);
 #or
 my $sig = dh_sign_hash(\$buffer_containing_priv_key, $message_hash);



    dh_verify_hash

Verify DH signature as implemented by libtomcrypt. See method verify_hash below.



 dh_verify_hash($pub_key_filename, $signature, $message_hash) or die "ERROR";
 #or
 dh_verify_hash(\$buffer_containing_pub_key, $signature, $message_hash) or die "ERROR";



    dh_shared_secret

DH based shared secret generation. See method shared_secret below.



 #on Alice side
 my $shared_secret = dh_shared_secret(Alice_priv_dh1.key, Bob_pub_dh1.key);

 #on Bob side
 my $shared_secret = dh_shared_secret(Bob_priv_dh1.key, Alice_pub_dh1.key);



SEE ALSO

o <https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange>
Search for    or go to Top of page |  Section 3 |  Main Index


perl v5.20.3 CRYPT::PK::DH (3) 2016-01-25

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.