Diffie Hellman key exchange is a method enabling two people to establish a shared secret key over an insecure medium without meeting each other. This method of cryptography is symetric as the secret key is both the same for encryption and decryption. The method has two public numbers that the two people decide upon "n" and "g" . "n" is a large prime number where (n-1)/2 is also a prime."g" is a primitive root of "n" .These two numbers are sent by one person (let this person be called "server") to the other person (let this second person be called "client"). However they can be discussed in public. When g and n have been exchanged both the Client and Server (in this example) generate a large random number "x" and then the computation "g^xmod n" can be performed. The result of these computations are then exchanged. Big X = g^xmod n. The only difference between these two calculations is the value for the private numbers x and y. At this point in the exchange the server has the numbers "n","g","Big X", "Big Y" and "x", the client also has the exact same numbers except in place of "x" it has "y" (these two numbers "x" and "y" are private to the server and the client respectively).Using these numbers and the fact that "x" and "y" are private you can generated a common secret shared key using the following formula :Where as before BigX=(g^xmod n) and BigY=(g^ymod n) From these formulae we see that both the client and the server have the same number. But they never diclosed their private numbers "x" and "y" while calculating (g^xymod n). The result of "(g^xymod n) " is that now the Client and Server share a secret key which noboday else can have apart from the Client and the Server. They can then use this shared number as the key for an encryption algorithm. If somebody had received all messages this protocol is still secure as long as the prime number was large and the private numbers were around 512 bit numbers. This is because there is no practical algorithm for computing discrete logarithms modulo of very large prime numbers.

I have described Diffie Hellman key exchange and the Facade design pattern, now I will describe how I implemented the Diffie Hellman key exchange using the Facade pattern. The application is a console application. It can be run in "Server" mode(listening) or "Client" mode. When two instances (a client instance and a server instance) of this application are run either on the same machine or two remote machines they are able to decide upon a key which later can be used for encryption (a screen dump of this happening can be seen here). It is written in C++ compiled with Microsoft Visual Studio .NET. There is inheritance, virtual methods, destructors and constructors used as per specification for project. There in one main class; the base class; named "Client_Server". This class contains all the variables needed for the running of the application. All the methods in this class are virtual so they can be overloaded or expanded upon by the derived classes, "Client" and "Server". The methods in these three classes use the methods of the "BIG" class The "BIG" class is able to handle numbers of up to 1024 bits. The reason I needed this class is that the numbers used in the Diffie Hellman key exchange are of this large size for security reasons. The "Facade" class is used to provide a simple interface to this complex system of classes. The "Facade" class allows a client class to implement the Diffie Hellman key exchange without having to call or communicate with any of the classes that actually run the application. The "Diffie Hellman" class is the client class that simply calls the appropriate method in the "Facade" class depending on the input from the user (i.e. server or client mode). There are only two methods, use_Server() and use_Client(), in the "Facade" class that contain a minimal amount of code. Using these two methods the "Diffie Hellman" class is able to use all the functionality of the system without having to communicate with any class other than the "Facade" class. The basic architecture of the application can be seen in the UML Diagram.

UML (Unified Modelling Language) is used to represent a model of the design of a system. This UML diagram models the design or architecture of the Client_Server_Facade application. The Diffie Hellman class at the top of the tree as it is the client class. It has a link to the Facde class below it. The Facade class communicates with the server and the client class which in turn have links to the Client_Server and the BIG classes.

[Click image to enlarge] [Click image to enlarge]

The Sequence Diagram is one of the most interesting and useful diagrams in the Unified Modeling Language (UML). It helps you document and understand the dynamic aspects of your software system—specifically the sequence of messages that are sent and received between objects. Sequence diagrams can help you comprehend and solve difficult issues in the process-intensive portions of your applications. To the right you can see a scaled down version (click on image to enlarge) of the sequence diagram for the Client_Server_facade application running in server mode. You can see what messages are passed between which classes. As described above the client or actor only sends message to the Diffie Hellman class which in turn communicates with the server class.The end result of this sequence being the Private key "Y" being passed back to the actor or user.

[Click image to enlarge] [Click image to enlarge]

[Click image to enlarge] [Click image to enlarge]

To the left you can see a scaled down version (click on image to enlarge) of the sequence diagram for the Client_Server_facade application running in client mode. You can see what messages are passed between which classes. As described above the client or actor only sends message to the Diffie Hellman class which in turn communicates with the client class. The end result of this sequence being the Private key "Y" being passed back to the actor or user.

Below is an example of the the output from the example when run in server mode.

Below is an example of the the output from the example when run in client mode.

Instructions on how to run the application can be found here.

Source Files. The application is written in C++ and compiled using Visual Studio .NET.

1. DiffieHellman.cpp Defines the Diffie Hellman class. This is the "client" class that uses the "Facade" class.
2. Facade.h Defines the "Facade" class.
3. Facade.cpp Contains the methods used in the "Facade" class.
4. Server.h Defines the derived class "Server".
5. Server.cpp Contains the methods used in the "Server" class.
6. Client.h Defines the derived class "Client".
7. Client.cpp Contains the methods used in the "Client" class.
8. Client_Server.h Defines the Base class "Client_Server".
9. Client_Server.cpp Contains the methods (virtual and non-virtual) used in the "Client_Server" class.
10. big.h Defines the "Big" class used for large numbers.AUTHOR : M.Scott. Part of the miracl Library.
11. BIG.CPP All methods used by the "Big" class.
12. miracl.h Part of the miracle library used by the "Big" class.
13. mirdef.h Part of the miracle library used by the "Big" class.

Client_Server_Facade.exe [548kb] must be run from the command line.
Usage is as follows;
to use the application in server mode:

type "Client_Server_Facade server 8090" where 8090 is the port number (this can be any value)

to use the application in client mode:

type "Client_Server_Facade client 127.0.0.1 8090" where 127.0.0.1 is the IP address of the server's machine and 8090 is the port number (this must be the same value as the server)

You must have the running application in server mode before you run the application in client mode. You can see an example of the output here. Download the application by clicking here or on the download image.