
Diffie-Hellman

An asymmetric (public-key) algorithm created to let two users who are strangers to each other safely establish a shared key over a public channel (such as the Internet).

The Diffie-Hellman exchange process is as follows:

  1. The two users agree on a prime number $P$ and a generator $g$. These numbers can be freely shared.
  2. Each user then generates a private number $p$ and its corresponding public key using: $(g^p) \bmod P$
  3. They then exchange their public keys $s$. Each user raises the other's public key to their own private number, $(s^p) \bmod P$, which yields a shared secret key that both users now hold without it ever having been sent over the public channel.
  4. A bad actor who listened in on the exchange sees only $P$, $g$ and the two public keys; they could not acquire either private key or reverse the process without knowing the private number $p$ of one of the users.
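The four steps above carried out end to end, as an added example that is not part of the original page: the prime, generator and fixed exponents are constructed toy values, and the range check on received public values is a defensive addition of this example rather than something the page describes.

```python
import secrets

# Constructed toy parameters for illustration only: real deployments use
# standardised groups of 2048 bits or more (e.g. RFC 7919), never values this small.
P = 23  # public prime modulus, agreed in step 1
G = 5   # public generator, agreed in step 1


def valid_public_value(s, p):
    """Defensive check (an addition here, not from the page): reject 0, 1 and
    p-1, which would force the shared secret to a value anyone can predict."""
    return 2 <= s <= p - 2


def gen_keypair(g=G, p=P):
    """Step 2: random private exponent and its public value g^priv mod p.
    Retries until the public value passes the range check above."""
    while True:
        priv = 2 + secrets.randbelow(p - 3)   # kept secret by this party
        pub = pow(g, priv, p)                 # safe to send over the channel
        if valid_public_value(pub, p):
            return priv, pub


def shared_secret(peer_pub, priv, p=P):
    """Step 3: shared key = peer_pub^priv mod p; never sent over the channel."""
    if not valid_public_value(peer_pub, p):
        raise ValueError("peer public value out of range")
    return pow(peer_pub, priv, p)


def run_exchange(a=None, b=None, g=G, p=P):
    """Run both sides and return (alice_secret, bob_secret).
    Fixed exponents a, b may be passed for a reproducible run."""
    a, A = gen_keypair(g, p) if a is None else (a, pow(g, a, p))
    b, B = gen_keypair(g, p) if b is None else (b, pow(g, b, p))
    # Step 4: an eavesdropper sees only p, g, A and B, never a or b.
    return shared_secret(B, a, p), shared_secret(A, b, p)


if __name__ == "__main__":
    print(run_exchange(a=6, b=15))  # (2, 2): both sides hold the same key
```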

Diffie-Hellman is used in many security protocols, like TLS, IPSec, SSH, and others.