Diffie Hellman key exchange between server and HTML5 metro apps RRS feed

  • Question

  • Hi I'm want to use Diffie Hellman Key exchange between my server and Metro client app. However, I found that while .NET (on the server) does provide DiffieHellman implementation in ECDiffieHellmanCng, the new classes in Windows.Security.Cryptography does not seem to offer anything along those lines.So, I can't generate Diffie Hellman public key from the client (g.pow(randomclientsecret) mod p)

    So, I though, okay, I will get the client to generate a private secret session key which would be signed and encrypted (rsa) and sent to the server.  The server will use this to generate the client public key and then the actual key for use with AES. So, each session will have a new key, but I don't have to use session state on the server to remember the key for server decryption because the client provides a random secret seed.

    However, even doing this have road-blocks: I would initialize an instance of ECDiffieHellmanCng via constructor with the CngKey created based on client secret, but ECDiffieHellmanCng  actually validates that the private key is DiffieHellman group key. I am stuck!!! It is not just any random set of bytes of a specific key length. The byte array seem to have special bytes for specifying the group.

    What are my options, short of re-implementing the algorithms for generating Diffie Hellman public parameters? Thank you.
    Thursday, July 26, 2012 8:20 PM

All replies

  • H,

    In Metro style app development only a subset of the 4.5 .NET framework is available.  If you want to implement functionality that is not available you can implement your own functionality or search for a 3rd party library that will work with WinRT.


    Jeff Sanders (MSFT)

    Friday, July 27, 2012 12:19 PM