I'm doing a project where Alice and Bob send each other messages using the Diffie-Hellman key exchange. What is throwing me for a loop is how to incorporate the certificate they are using in this so I can obtain their secret messages.

From what I understand about MIM attacks, the MIM acts as an imposter as seen on this diagram:

Below are the details for my project. I understand that they both have g and p agreed upon before communicating, but how would I be able to implement this with them both having a certificate to verify their signatures?

Alice prepares ⟨signA(NA, Bob), pkA, certA⟩ where signA is the digital signature algorithm used by Alice, "Bob" is Bob's name, pkA is the public key of Alice, which equals g^x mod p encoded according to X.509 for fixed g, p as specified in the Diffie-Hellman key exchange, and certA is the certificate of Alice that contains Alice's public key that verifies the signature. Finally, NA is a nonce (random string) that is 8 bytes long.

Bob checks Alice's signature and responds with ⟨signB{NA, NB, Alice}, pkB, certB⟩. When Alice gets the message, she checks her nonce NA and calculates the joint key based on pkA, pkB according to the Diffie-Hellman key exchange. Then Alice submits the message ⟨signA{NA, NB, Bob}, EK(MA), certA⟩ to Bob, and Bob responds with ⟨signB{NA, NB, Alice}, EK(MB), certB⟩,

where MA and MB are their corresponding secret messages.
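The first two messages of the exchange described above, written out as an added Go example that is not part of the original question or the course material. ECDSA over P-256 stands in for signA/signB, the certificate is modeled as a (name, verification key) pair that is assumed to have already been validated against its issuing CA, the DH group is a constructed toy one, and the `Party`, `Msg`, `Send`, `Accept` and `RunExchange` names are my own; the later EK(MA)/EK(MB) messages would be encrypted under the key `RunExchange` returns.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"math/big"
)

// Constructed toy DH group (p = 2^61-1, g = 3) so the example runs instantly; a real deployment uses a standardized group of 2048 bits or more.
var p = new(big.Int).Sub(new(big.Int).Lsh(big.NewInt(1), 61), big.NewInt(1))
var g = big.NewInt(3)

type Cert struct { Name string; Key *ecdsa.PublicKey }          // stands in for certA / certB
type Msg struct { Sig []byte; Pk *big.Int; Cert Cert }          // ⟨sign(...), pk, cert⟩
type Party struct { Name string; sk *ecdsa.PrivateKey; x *big.Int }

func NewParty(name string) *Party {
	sk, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // long-term signing key (its public half goes in the cert)
	x, _ := rand.Int(rand.Reader, p)                       // ephemeral DH exponent
	return &Party{name, sk, x}
}
func Nonce() []byte { n := make([]byte, 8); rand.Read(n); return n } // 8-byte NA / NB
func digest(fields ...[]byte) []byte { h := sha256.Sum256(bytes.Join(fields, nil)); return h[:] }

// Send builds ⟨sign(nonces..., peer), g^x mod p, cert⟩: message 1 signs (NA, Bob), message 2 signs (NA, NB, Alice).
func (a *Party) Send(peer string, nonces ...[]byte) Msg {
	sig, _ := ecdsa.SignASN1(rand.Reader, a.sk, digest(append(nonces, []byte(peer))...))
	return Msg{sig, new(big.Int).Exp(g, a.x, p), Cert{a.Name, &a.sk.PublicKey}}
}

// Accept checks the signature with the key in the sender's cert, over the nonces the receiver expects and its own name.
func (a *Party) Accept(m Msg, nonces ...[]byte) bool {
	return ecdsa.VerifyASN1(m.Cert.Key, digest(append(nonces, []byte(a.Name))...), m.Sig)
}

// Key derives the session key from the peer's pk: SHA-256(g^(xy) mod p).
func (a *Party) Key(peerPk *big.Int) [32]byte {
	return sha256.Sum256(new(big.Int).Exp(peerPk, a.x, p).Bytes())
}

// RunExchange plays the first two messages; it returns whether both signature checks passed and each side's derived key.
func RunExchange(alice, bob *Party) (bool, [32]byte, [32]byte) {
	na := Nonce()
	m1 := alice.Send(bob.Name, na)     // ⟨signA(NA, Bob), pkA, certA⟩
	if !bob.Accept(m1, na) { return false, [32]byte{}, [32]byte{} }
	nb := Nonce()
	m2 := bob.Send(alice.Name, na, nb) // ⟨signB(NA, NB, Alice), pkB, certB⟩
	if !alice.Accept(m2, na, nb) { return false, [32]byte{}, [32]byte{} }
	return true, alice.Key(m2.Pk), bob.Key(m1.Pk)
}
```

Because the recipient's name and the receiver's own nonce are inside the signed data, a message signed for someone else or carrying a nonce the receiver did not issue fails `Accept`, which is the check that the certificate makes possible.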

## Best Solution

Offering the Wikipedia answer:

You may consider impressing your professor by discussing the variants of Diffie-Hellman that are more secure. For now, given you've noted the original implementation, this will do.

Best of luck!