diffiehellman | Diffie-Hellman key exchange implementation for Python | Cryptography library

Sorry to use an answer that's not real an answer but these data won't be readable in a comment.

It looks like that your key is encrypted and is invalid. See the structure:

Problem was in encoding. I used ASCII and it didnt work for strange letters. If you use Convert.FromBase64String and Convert.ToBase64String it works.

The problem is most easily understood using a concrete example: Alice has a device that generates Diffie-Hellman keys for her. On this device the malicious Diffie Hellman variant is implemented.

The malicious DH variant is defined as follows, s. here, sec. 3.1:

MDH1: For the first generated key pair the following applies:

• The private key c₁ is a random value smaller than p-1. c₁ is stored for later use.
• The public key is calculated according to m₁ = g^c₁ mod p.
• The device provides Alice with the private key (c₁) and the public key (m₁).

MDH2: For the second generated key pair the following applies:

• A random t is chosen (0 or 1).
• z₂ is calculated according to z₂ = g^{(c₁ - Wt)} * Y^{(-ac₁ - b)} mod p.
• The private key c₂ is calculated according to H(z₂). Here H is a cryptographic hash function. c₂ is stored for later use.
• The public key is calculated according to m₂ = g^c₂ mod p.
• The device provides Alice with the private key (c₂) and the public key (m₂).

MDHi: What happens for the third and subsequent key pairs? The same algorithm is used as for the second generated key pair, i.e. for example for the third key exchange, c₂ is now used instead of c₁ and m₂ is now used instead of m₁, or in general if the i-th key pair c_i, m_i is generated:

• A random t is chosen (0 or 1).
• z_i is calculated according to z_i = g^{(c_i-1 - Wt)} * Y^{(-ac_i-1 - b)} mod p.
• The private key c_i is calculated according to H(z_i). Here H is (the same) cryptographic hash function. c_i is stored for later use.
• The public key is calculated according to m_i = g^c_i mod p.
• The device provides Alice with the private key (c_i) and the public key (m_i).

Note that there are two categories of key exchange processes, MDH1 and MDHi, which will later play an important role in the discussion of timing behavior.

Evaluation of the posted implementation of the malicious DH variant:
SETUP (Secretly Embedded Trapdoor with Universal Protection) is not implemented by the implementation of the malicious DH variant posted in the question.
SETUP establishes a relationship between two consecutive generated key pairs. This makes it possible to derive the private key of the last key generation from two such correlated public keys, which can be intercepted e.g. during the key exchange process.
But for this, the private key must be passed between successive key generations to use it in the last key generation for establishing this relationship. This does not happen in the implementation, so that the required relationship cannot be achieved.
From a more technical point of view, the implementation fails mainly because the cases MDH1 and MDHi are not implemented separately but together as a closed process. Closed in the sense that the private key is not stored between successive calls, so it cannot be passed on. Subsequent calls of the implementation therefore generate random key pairs that are not in the required relationship to each other.
Also note that from the similar time behaviour (only similar, because e.g. the secondary peak is missing, which will be discussed below) of the posted implementation and the implementation used in the papers, of course no working implementation can be concluded.

A working Python implementation of SETUP or the malicious Diffie-Hellman variant could look like this:

Not sure what you're planning to achieve here, but it appears there's such port for browser: https://www.npmjs.com/package/crypto-browserify. createDiffieHellman is on the list of already ported modules. Especially take a look at the example: https://github.com/crypto-browserify/crypto-browserify/tree/master/example. Instead of createHash I believe you could try invoking createDiffieHellman.

You can get the PID of one of you processes (the parent) and deduce the others using pgrep.

pgrep has a neat feature --ns which will get you all the processes running in the same PID namespace as a given PID.

Having that you can get all the child process and convert them to comma separated values and feed them to perf