Skip to content

Instantly share code, notes, and snippets.

@ipeacocks
Forked from Lewiscowles1986/dh-diagram.svg
Created April 27, 2019 20:21
Show Gist options
  • Save ipeacocks/769a7f865c553d42348270f4a2fcdc02 to your computer and use it in GitHub Desktop.
Save ipeacocks/769a7f865c553d42348270f4a2fcdc02 to your computer and use it in GitHub Desktop.
SSH with asymmetric key UML Sequence
Display the source blob
Display the rendered blob
Raw
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
@startuml
participant Client as C
participant Server as S
Title SSH Asymmetric Internals Sequence
== Initial Connection ==
C --> S: Connection establishment request
S --> C: Here are the protocols I support & my public host-key (identifier)
C --> C: Do I support these methods? (If None Supported Fail)
== Diffie-Hellman ==
C <-> S: Agree publicly on `prime modulus`(PM) & `generator`(G)
C --> C: Generate private random number (PRNI)
C --> C: Generate public random number (PRNS) = G<sup>PRNI</sup>%PM)
C --> S: sends PRNS
S --> S: Generate private random number (PRNI)
S --> S: Generate public random number (PRNS) = G<sup>PRNI</sup>%PM)
S --> C: sends PRNS
C --> C: Use Server PRNS<sup>PRNI</sup>%PM to generate shared secret (SS)
S --> S: Use Client PRNS<sup>PRNI</sup>%PM to generate shared secret (SS)
== Authentication (asymmetric key) ==
C --> S: Transmit identity seeking to prove
S --> S: Verify account being accessed contains identity supplied
...If identity Not Found Fail...
S --> S: Generate new private random number (PRNC)
S --> S: Encrypt PRNC (PRNCE) with the public-key found
S --> C: Send Client PRNCE
C --> C: Attempt to decrypt PRNCE using private-key matching sent identity
C --> S: Send Hash of the SS & decrypted PRNCE (VHASH)
S --> S: Generates hash & compares hash to VHASH
...If Not Matching Fail...
@enduml
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment