How does the man in the middle attack work in Diffie–Hellman?

I think you’re confusing the basic Diffie-Hellman, which is a key exchange protocol, with the ‘authenticated version’ which uses a certificate authority (CA). Nice explanation of how the basic Diffie-Hellman is vulnerable to man-in-the-middle from RSA Labs. “The Diffie-Hellman key exchange is vulnerable to a man-in-the-middle attack. In this attack, an opponent Carol intercepts Alice’s …

DH vs. DHE and ECDHE and perfect forward secrecy

It’s the ephemeral aspect of DHE and ECDHE that provides perfect forward secrecy. The idea is that even if someone records traffic and compromises the server to get its private key, they won’t be able to decipher that traffic, because they’ll be missing the ephemeral DH parameters that won’t have been saved. With fixed DH, …

Why does SSL handshake give ‘Could not generate DH keypair’ exception?

The problem is the prime size. The maximum-acceptable size that Java accepts is 1024 bits. This is a known issue (see JDK-6521495). The bug report that I linked to mentions a workaround using BouncyCastle’s JCE implementation. Hopefully that should work for you. UPDATE This was reported as bug JDK-7044060 and fixed recently. Note, however, that …