Diffie-Hellman key exchange
Diffie-Hellman key exchange (D-H) is a cryptographic protocol that allows two parties that have no prior knowledge of each other to securely agree on a shared secret key over an insecure communications channel. Then they use this key to encrypt subsequent communications using a symmetric-key cipher.
Synonyms of Diffie-Hellman key exchange include:
- Diffie-Hellman key agreement
- Diffie-Hellman key establishment
- Diffie-Hellman key negotiation
- Exponential key exchange
The scheme was first published publicly by Whitfield Diffie and Martin Hellman in 1976, Diffie-Hellman key agreement itself is an anonymous (non-authenticated) key-agreement protocol, it provides the basis for a variety of authenticated protocols, and is used to provide perfect forward secrecy in Transport Layer Security's short-lived modes.
In the original description papers, the Diffie-Hellman exchange by itself does not provide authentication of the communicating parties and is thus susceptible to a man-in-the-middle attack. An attacking person in the middle may establish two different Diffie-Hellman key exchanges, with the two members of the party "A" and "B", appearing as "A" to "B", and vice versa, allowing the attacker to decrypt (and read or store) then re-encrypt the messages passed between them. A method to authenticate the communicating parties to each other is generally needed to prevent this type of attack.
Many cryptographic authentication solutions include a Diffie-Hellman exchange. When two parties "A" and "B" have a public key infrastructure, they may digitally sign the agreed key "G", or GA and GB, as in MQV, STS and the IKE component of the IPsec protocol suite for securing Internet Protocol communications. When "A" and "B" share a password, they may use a password-authenticated key agreement form of Diffie-Hellman.
- Non-Secret Encryption Using a Finite Field MJ Williamson, January 21, 1974.
- Thoughts on Cheaper Non-Secret Encryption MJ Williamson, August 10, 1976.
- New Directions in Cryptography W. Diffie and M. E. Hellman, IEEE Transactions on Information Theory, vol. IT-22, Nov. 1976, pp: 644-654.
- Cryptographic apparatus and method Martin E. Hellman, Bailey W. Diffie, and Ralph C. Merkle, U.S. Patent #4,200,770, 29 April 1980
- The History of Non-Secret Encryption JH Ellis 1987 (28K PDF file) (HTML version)
- The First Ten Years of Public-Key Cryptography Whitfield Diffie, Proceedings of the IEEE, vol. 76, no. 5, May 1988, pp: 560-577 (1.9MB PDF file)
- Menezes, Alfred; van Oorschot, Paul; Vanstone, Scott (1997). Handbook of Applied Cryptography Boca Raton, Florida: CRC Press. ISBN 0-8493-8523-7. (Available online)
- Singh, Simon (1999) The Code Book: the evolution of secrecy from Mary Queen of Scots to quantum cryptography New York: Doubleday ISBN 0-385-49531-5
- An Overview of Public Key Cryptography Martin E. Hellman, IEEE Communications Magazine, May 2002, pp:42-49. (123kB PDF file)
- Public-key cryptography
- Diffie-Hellman problem
- Station-to-Station protocol
- Internet Key Exchange protocol
- Key-agreement protocol
- Password-authenticated key agreement
- Oral history interview with Martin Hellman, Charles Babbage Institute, University of Minnesota. Leading cryptography scholar Martin Hellman discusses the circumstances and fundamental insights of his invention of public key cryptography with collaborators Whitfield Diffie and Ralph Merkle at Stanford University in the mid-1970s.
- RFC 2631 - Diffie-Hellman Key Agreement Method E. Rescorla June 1999.
- Summary of ANSI X9.42: Agreement of Symmetric Keys Using Discrete Logarithm Cryptography (64K PDF file) (Description of ANSI 9 Standards)
- Diffie-Hellman Key Exchange – A Non-Mathematician’s Explanation by Keith Palmgren
- Crypt::DH Perl module from CPAN
- Hands-on Diffie-Hellman demonstration
- C implementation using GNU Multiple Precision Arithmetic Library