Diffie-Hellman Key Exchange

Generate a shared secret key over an insecure channel without transmitting the key itself. Both parties arrive at the same shared secret independently.

Parameters

p: Must be a large prime number

g: Primitive root of p

Public Parameters (Transmitted Over Insecure Channel)

p = 23

g = 5

a (Alice's private key): Must be kept secret

b (Bob's private key): Must be kept secret

How It Works

Step 1: Public Setup

Large prime p and generator g are shared publicly

Step 2: Private Secrets

Each party generates a secret number: Alice picks a, Bob picks b

Step 3: Public Keys

Alice computes A = g^a mod p and Bob computes B = g^b mod p; they exchange A and B publicly

Step 4: Shared Secret

Alice computes B^a mod p and Bob computes A^b mod p; both independently arrive at K = g^(ab) mod p

Security Properties

Discrete Log Problem

Computing a from A = g^a mod p is computationally hard

Forward Secrecy

Even if one party's private key is compromised later, past secrets remain safe

MITM Vulnerability

Needs authentication to prevent man-in-the-middle attacks

Parameters Guide

p: Prime Modulus

A large prime number that determines the size of the group. In real cryptography, p is typically 1024+ bits (308+ decimal digits).

Example: 2^2048 - 59

g: Generator/Base

A primitive root of p. When raised to different powers, it generates a large subgroup of all possible values modulo p.

Common choice: 2 or 5

a, b: Private Keys

Randomly chosen secret numbers (1 < private key < p). Must be kept secret by each party. Should be different and unpredictable.

Must be: 1 < key < p-1

Mathematical Foundation

Why Both Parties Get the Same Secret

Alice computes: K_Alice = B^a mod p = (g^b)^a mod p = g^(ba) mod p

Bob computes: K_Bob = A^b mod p = (g^a)^b mod p = g^(ab) mod p

Since ab = ba (multiplication is commutative)

K_Alice = K_Bob = g^(ab) mod p ✓

Important Note

In real-world cryptography, p must be extremely large (2048+ bits). With small primes like those in examples here, attackers can easily compute discrete logarithms using brute force or advanced algorithms.
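
The four steps under "How It Works" and the small-prime warning above, as an added example (not code from the original page). It uses the page's p = 23 and g = 5; the private keys a = 6 and b = 15 and all function names are constructed for illustration.

```python
import secrets

P, G = 23, 5  # the page's toy public parameters (never use sizes like this in practice)

def is_primitive_root(g, p):
    """True if the powers of g cover every value 1..p-1 (p assumed prime)."""
    return len({pow(g, k, p) for k in range(1, p)}) == p - 1

def keypair(p=P, g=G):
    """Step 2 and 3: pick a private key with 1 < key < p-1, derive the public key."""
    private = 2 + secrets.randbelow(p - 3)   # uniform in [2, p-2]
    return private, pow(g, private, p)

def shared_secret(their_public, my_private, p=P):
    """Step 4: K = (their public key)^(my private key) mod p."""
    return pow(their_public, my_private, p)

def brute_force_dlog(public, p=P, g=G):
    """Recover x with g^x = public (mod p) by trying every exponent.
    Feasible only because p is tiny, which is the point of the warning above."""
    for x in range(1, p):
        if pow(g, x, p) == public:
            return x
    raise ValueError("public key is not a power of g")

def demo(a=6, b=15):
    """Run the exchange with constructed private keys a and b."""
    A, B = pow(G, a, P), pow(G, b, P)      # public keys, sent in the clear
    k_alice = shared_secret(B, a)          # Alice: B^a mod p
    k_bob = shared_secret(A, b)            # Bob:   A^b mod p
    # An eavesdropper sees only p, g, A and B; with p = 23 that is enough
    # to recover a from A and then compute the same K.
    k_eve = shared_secret(B, brute_force_dlog(A))
    return A, B, k_alice, k_bob, k_eve

if __name__ == "__main__":
    print("g is a primitive root of p:", is_primitive_root(G, P))
    print("A, B, K_Alice, K_Bob, K_eavesdropper =", demo())
```

The search loop runs at most p - 1 times, so its cost grows with the size of p; that is why the modulus has to be large enough to make exhaustive and smarter discrete-log searches impractical.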

Public Information

• p (prime)
• g (generator)
• A (Alice's public key)
• B (Bob's public key)
• K (shared secret)

Secret Information

• a (Alice's private key)
• b (Bob's private key)

Never transmitted!

Real-World Applications

TLS/SSL Handshake

Used in HTTPS connections to establish encrypted sessions. Modern versions use Elliptic Curve variants (ECDH) for better performance.

IPsec

This VPN protocol uses DH for key agreement in the IKE (Internet Key Exchange) phase.

OTR Messaging

The Off-The-Record protocol for secure instant messaging uses DH to provide perfect forward secrecy.

Wireless Networks

WiFi security protocols (WPA2/WPA3) employ key agreement mechanisms derived from DH.