Diffie-Hellman key exchange

related topics
{math, number, function}
{system, computer, user}
{law, state, case}
{work, book, publish}
{company, market, business}
{area, part, region}

Diffie–Hellman key exchange (D–H)[nb 1] is a specific method of exchanging keys. It is one of the earliest practical examples of Key exchange implemented within the field of cryptography. The Diffie–Hellman key exchange method allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt subsequent communications using a symmetric key cipher. It is a type of key exchange.

The scheme was first published by Whitfield Diffie and Martin Hellman in 1976, although it later emerged that it had been separately invented a few years earlier within GCHQ, the British signals intelligence agency, by Malcolm J. Williamson but was kept classified. In 2002, Hellman suggested the algorithm be called Diffie–Hellman–Merkle key exchange in recognition of Ralph Merkle's contribution to the invention of public-key cryptography (Hellman, 2002).

Although Diffie–Hellman key agreement itself is an anonymous (non-authenticated) key-agreement protocol, it provides the basis for a variety of authenticated protocols, and is used to provide perfect forward secrecy in Transport Layer Security's ephemeral modes (referred to as EDH or DHE depending on the cipher suite).


History of the protocol

The Diffie–Hellman key agreement was invented in 1976 during a collaboration between Whitfield Diffie and Martin Hellman and was the first practical method for establishing a shared secret over an unprotected communications channel. Ralph Merkle's work on public key distribution was an influence. John Gill suggested application of the discrete logarithm problem. It had first been invented by Malcolm Williamson of GCHQ in the UK some years previously, but GCHQ chose not to make it public until 1997, by which time it had no influence on research in academia.

Full article ▸

related documents
Information retrieval
Lazy evaluation
Outer product
Delegation pattern
Base (topology)
Riemann mapping theorem
XSL Transformations
Oracle machine
Generalized mean
Prim's algorithm
Paracompact space
Definable real number
Fixed point combinator
ML (programming language)
Pigeonhole principle
Boolean ring
Queue (data structure)
Commutator subgroup
Chain rule
Jules Richard
Existential quantification
2 (number)
Presburger arithmetic
Poisson process