Diffie–Hellman key exchange
Adapted from Wikipedia
Diffie–Hellman key exchange is a way for two people to create a secret code together, even if they can only talk through a public channel, like the internet. Before this method was created, people needed to exchange secret codes in a safe way, such as using paper lists carried by a trusted courier. But with Diffie–Hellman, two people who have never met can create a secret key together over an insecure channel. They can then use this key to hide their messages using a symmetric-key cipher.
This idea was first shared in 1976 by Whitfield Diffie and Martin Hellman. It was one of the first ways to use public key exchange in cryptography. Many internet services use Diffie–Hellman to keep information safe.
It turns out that people in a British intelligence agency had come up with similar ideas even earlier, in 1969, but they were kept secret. Even though Diffie–Hellman by itself does not prove who is sending the message, it helps create strong security for many modern internet protocols. It also makes something called "forward secrecy" possible, which helps keep messages safe. The RSA cryptosystem is another important method for secure communication.
Name
In 2006, Martin Hellman suggested calling the algorithm Diffie–Hellman–Merkle key exchange to honor Ralph Merkle’s important work. Merkle helped develop the idea behind public-key cryptography, which lets people share secrets safely over public channels. Hellman wanted this name to show Merkle’s big role in creating this important technology.
The method is still commonly known as the Diffie–Hellman key exchange, named after Whitfield Diffie and Martin Hellman, who first described it in a paper in 1976. It was one of the first ways to safely create a shared secret key between two people over an insecure connection.
Description
Diffie–Hellman key exchange is a way for two people to share a secret key over a public network. Imagine Alice and Bob want to share a secret color. They both agree on a common starting color, like yellow. Each of them picks a secret color they keep to themselves, say red for Alice and cyan for Bob. They mix their secret color with the common color and share these mixed colors with each other. After mixing the color they received from the other person with their own secret color, they both end up with the same final color, which becomes their shared secret.
In real life, this process uses very large numbers instead of colors. Alice and Bob agree on two public numbers, and each picks a secret number. They exchange certain values based on these numbers, and through a special math trick, they both end up with the same secret number without revealing their individual secrets. This shared secret can then be used to encrypt messages they send to each other over the same public network.
Ephemeral and/or static keys
The Diffie–Hellman key exchange can use different types of keys. These are called ephemeral (used once) or static (used for a long time). Using these keys in different ways changes how safe the exchange is.
For example, using two ephemeral keys gives forward secrecy. This means that if someone later finds out one key, they cannot read old messages. Using two static keys gives long-term safety but does not have forward secrecy.
There is also a method called triple Diffie–Hellman (3-DH). It mixes long-term and ephemeral keys to add more safety. Another version, called Extended Triple Diffie–Hellman (X3DH), was made for use in the Signal Protocol. It uses several public keys and gives forward secrecy. This means that past messages stay safe even if future keys are found. This method works on special math curves called elliptic curves.
| Alice ($A = g^{a}$) | | Bob ($B = g^{b}$) |
|---|---|---|
| $X = g^{x}$ | $X \rightarrow$ | |
| | $\leftarrow Y$ | $Y = g^{y}$ |
| $K = \operatorname{KDF}(Y^{x}, B^{x}, Y^{a}, X, Y, A, B)$ | | $K = \operatorname{KDF}(X^{y}, X^{b}, A^{y}, X, Y, A, B)$ |
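The table above, worked through in Python as an added example (not code from the original article). It assumes a small toy group (`P`, `G`) and uses SHA-256 in place of the KDF; the function names are made up for this illustration.

```python
import hashlib
import secrets

# Toy group for illustration only (assumption): a 127-bit prime is far too
# small for real use, where standardized large groups or curves are used.
P = 2**127 - 1
G = 3

def keypair():
    """Return (private, public) with public = G^private mod P."""
    priv = secrets.randbelow(P - 3) + 2          # range 2 .. P-2
    return priv, pow(G, priv, P)

def check_public(value):
    """Reject degenerate or out-of-range public values before using them."""
    if not 1 < value < P - 1:
        raise ValueError("invalid public value")
    return value

def kdf(shared, transcript):
    """K = KDF(three shared values, X, Y, A, B); SHA-256 stands in for the KDF."""
    h = hashlib.sha256()
    for n in (*shared, *transcript):
        h.update(n.to_bytes(16, "big"))          # fixed width: values < 2^127
    return h.digest()

def alice_key(a, x, B, Y, transcript):
    """Alice's column of the table: KDF(Y^x, B^x, Y^a, X, Y, A, B)."""
    check_public(B)
    check_public(Y)
    return kdf((pow(Y, x, P), pow(B, x, P), pow(Y, a, P)), transcript)

def bob_key(b, y, A, X, transcript):
    """Bob's column of the table: KDF(X^y, X^b, A^y, X, Y, A, B)."""
    check_public(A)
    check_public(X)
    return kdf((pow(X, y, P), pow(X, b, P), pow(A, y, P)), transcript)

def run_session(a, A, b, B):
    """One session: fresh ephemeral x, y on top of the static keys a, b."""
    x, X = keypair()
    y, Y = keypair()
    transcript = (X, Y, A, B)
    return alice_key(a, x, B, Y, transcript), bob_key(b, y, A, X, transcript)
```

Running `run_session` twice with the same static keys gives two different values of K, because the ephemeral keys are new each time.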
Operation with more than two parties
Diffie–Hellman key exchange can work with more than two people. Many users can work together to create a secret key by sharing information.
For example, imagine three friends—Alice, Bob, and Carol—each following steps to create a secret number that only they know.
The process starts with everyone agreeing on two numbers. Each person picks their own private number. They then share certain values with each other. Through calculations, each person can find the same secret number without revealing their private numbers. Even if someone sees the shared values, it is very hard for them to find the secret number. This way, groups can keep their information safe together.
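The three-person exchange, written out as an added Python example (not part of the original article). It goes a little beyond the summary above by showing the usual way of passing values around a circle in two rounds; the toy group (`P`, `G`) and the function names are assumptions made for this illustration.

```python
import secrets

# Toy group for illustration only (assumption): far too small for real use.
P = 2**127 - 1
G = 3

def private_key():
    """Pick a private number in the range 2 .. P-2."""
    return secrets.randbelow(P - 3) + 2

def three_party(a, b, c):
    """Run the exchange for Alice (a), Bob (b), Carol (c).

    Returns each person's final secret and every value sent in public.
    """
    wire = {}
    # Round 1: everyone raises G to their own private number and passes it on.
    wire["g^a"] = pow(G, a, P)                   # Alice -> Bob
    wire["g^b"] = pow(G, b, P)                   # Bob   -> Carol
    wire["g^c"] = pow(G, c, P)                   # Carol -> Alice
    # Round 2: everyone raises what they received and passes it on again.
    wire["g^ab"] = pow(wire["g^a"], b, P)        # Bob   -> Carol
    wire["g^bc"] = pow(wire["g^b"], c, P)        # Carol -> Alice
    wire["g^ca"] = pow(wire["g^c"], a, P)        # Alice -> Bob
    # Final step: done in private, never sent. All three equal g^(abc).
    alice = pow(wire["g^bc"], a, P)
    bob = pow(wire["g^ca"], b, P)
    carol = pow(wire["g^ab"], c, P)
    return alice, bob, carol, wire

def secret_was_sent(secret, wire):
    """True if the final secret ever appeared among the public values."""
    return secret in wire.values()
```

Someone watching the channel sees six values, each missing at least one person's private number, and the final secret is not among them.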
Security and practical considerations
The Diffie–Hellman key exchange is safe when the right settings are used. It depends on a hard math problem that is difficult for computers to solve unless they have special tools. To stay safe, the numbers used need to be large and picked carefully.
Some people have tried to break this system using clever math tricks or by reusing common settings. Experts recommend using bigger numbers or different methods, like elliptic curve cryptography, to keep it secure. Even very powerful computers, known as quantum computers, might break some versions, but new ways are being created to guard against this.
Other uses
Public key encryption can use the Diffie–Hellman key exchange. One example is the ElGamal encryption, and a newer version is the Integrated Encryption Scheme.
Diffie–Hellman helps make new secret keys for each chat. This makes it safer. It is often used in protocols that give forward secrecy.
When two people share a password, they can use a version of Diffie–Hellman called password-authenticated key agreement. This helps keep them safe. An example is the Secure Remote Password protocol.
Diffie–Hellman can also be used in a public key infrastructure, letting one person send a private message to another without talking before. But RSA is more commonly used for this today.
This article is a child-friendly adaptation of the Wikipedia article on Diffie–Hellman key exchange, available under CC BY-SA 4.0.