Overview#
Diffie-Hellman key exchange (DH) is a specific method of securely Key-Exchange over a public channel and was the first specific example of Public Key Cryptography as originally conceptualized by Ralph Merkle.Diffie-Hellman is one of the earliest practical examples of Public Key exchange implemented within the field of cryptography. The Diffie-Hellman Key-Exchange method allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communication channel. This key can then be used to encrypt subsequent communications using a Symmetric Key Cipher.
The scheme was first published by Whitfield Diffie and Martin Hellman in 1976.
By 1975, James H. Ellis,[3] Clifford Cocks and Malcolm J. Williamson within GCHQ, the British signals intelligence agency, had also shown how Public Key Cryptography could be achieved; however, their work was kept secret until 1997.
Although Diffie-Hellman Key agreement itself is an anonymous (non-authenticated) key-agreement protocol, it provides the basis for a variety of authenticated protocols, and is used to provide Perfect Forward Secrecy in Transport Layer Security's Ephemeral modes (referred to as EDH or DHE depending on the Cipher Suite).
The method was followed shortly afterwards by RSA, an implementation of Public Key cryptography using Asymmetric Key Cryptography.
U.S. Patent 4,200,770, from 1997, is now expired and describes the now Public Domain algorithm. It credits Hellman, Diffie, and Merkle as inventors
More Information#
There might be more information for this subject on one of the following:- AES-GCM
- Best Practices Password
- ClientKeyExchange
- Curve25519
- DH
- Diffie-Hellman key-exchange
- Diffie-Hellman or RSA
- Digital Signature
- ECDHE
- Elliptic Curve
- Elliptic Curve Diffie-Hellman Ephemeral
- How SSL-TLS Works
- Hybrid cryptosystem
- Javascript Object Signing and Encryption
- KeyAgreement
- Key_share
- Logjam
- Menezes-Qu-Vanstone
- NIST.SP.800-56A
- NSA Suite B Cryptography
- Off-the-Record Messaging
- Open Protocol for Access Control, Identification, and Ticketing with privacY
- RFC 8418
- ServerKeyExchange
- Shared Secret
- TLS 1.3
- TLS Full Handshake
- X25519
- [#1] - Diffie–Hellman key exchange
- based on 2015-03-18