@Lewiscowles1986
Last active November 16, 2021 06:22
SSH with asymmetric key UML Sequence
@startuml
participant Client as C
participant Server as S
Title SSH Asymmetric Internals Sequence
== Initial Connection ==
C --> S: Connection establishment request
S --> C: Here are the protocols I support & my public host-key (identifier)
C --> C: Do I support these methods? (If None Supported Fail)
== Diffie-Hellman ==
C <-> S: Agree publicly on `prime modulus`(PM) & `generator`(G)
C --> C: Generate private random number (PRNI)
C --> C: Generate public random number (PRNS = G<sup>PRNI</sup>%PM)
C --> S: sends PRNS
S --> S: Generate private random number (PRNI)
S --> S: Generate public random number (PRNS = G<sup>PRNI</sup>%PM)
S --> C: sends PRNS
C --> C: Use Server PRNS<sup>PRNI</sup>%PM to generate shared secret (SS)
S --> S: Use Client PRNS<sup>PRNI</sup>%PM to generate shared secret (SS)
== Authentication (asymmetric key) ==
C --> S: Transmit the identity it seeks to prove
S --> S: Verify account being accessed contains identity supplied
...If identity Not Found Fail...
S --> S: Generate new private random number (PRNC)
S --> S: Encrypt PRNC (PRNCE) with the public-key found
S --> C: Send Client PRNCE
C --> C: Attempt to decrypt PRNCE using private-key matching sent identity
C --> S: Send Hash of the SS & decrypted PRNCE (VHASH)
S --> S: Generates hash & compares hash to VHASH
...If Not Matching Fail...
@enduml
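
The sequence above, walked through in Python with the diagram's own names (PM, G, PRNI, PRNS, SS, PRNC, PRNCE, VHASH). This is an added example, not part of the original gist. Assumptions: the toy modulus, textbook RSA without padding as the public-key step, and SHA-256 as the hash are chosen here for illustration; the diagram does not name them and none of these parameters are suitable for real use.

```python
import hashlib
import hmac
import secrets

# Toy parameters, constructed for this example only (far too small for real use).
PM = 2**127 - 1          # prime modulus (a Mersenne prime)
G = 3                    # generator

def dh_keypair():
    """Return (PRNI, PRNS): private exponent and public value G^PRNI % PM."""
    while True:
        prni = secrets.randbelow(PM - 3) + 2
        prns = pow(G, prni, PM)
        if 1 < prns < PM - 1:        # never publish a degenerate value
            return prni, prns

def dh_shared(peer_prns, own_prni):
    """SS = peer_PRNS^own_PRNI % PM; reject values that force a trivial secret."""
    if not 1 < peer_prns < PM - 1:
        raise ValueError("invalid public value")
    return pow(peer_prns, own_prni, PM)

def toy_rsa_keypair(p=2**61 - 1, q=2**89 - 1, e=65537):
    """Textbook RSA from two Mersenne primes; stands in for the client's key pair."""
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))

def vhash(ss, prnc):
    """VHASH: hash of SS and the challenge, binding the proof to this session."""
    return hashlib.sha256(ss.to_bytes(32, "big") + prnc.to_bytes(32, "big")).digest()

def run_exchange(client_private, registered_public):
    """Walk the diagram end to end; return True if the server accepts the client."""
    c_prni, c_prns = dh_keypair()
    s_prni, s_prns = dh_keypair()
    ss_client = dh_shared(s_prns, c_prni)
    ss_server = dh_shared(c_prns, s_prni)
    # Server: challenge PRNC encrypted to the registered public key (PRNCE).
    n, e = registered_public
    prnc = secrets.randbelow(2**128 - 2) + 2
    prnce = pow(prnc, e, n)
    # Client: decrypt with its private key, answer with VHASH.
    cn, d = client_private
    answer = vhash(ss_client, pow(prnce, d, cn))
    # Server: recompute the hash and compare in constant time.
    return hmac.compare_digest(answer, vhash(ss_server, prnc))
```

Because VHASH covers SS, an answer captured from one session does not verify in another, since each session derives a fresh shared secret.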