Diffie-Hellman Key Exchange

The Diffie-Hellman protocol enables two communicators to generate a shared secret value (normally a session key) to be used for secure communications, without ever transmitting this value across a network.

The steps in generating and sharing the secret key using the Diffie-Hellman protocol are as follows:

  • the parties agree (typically beforehand, by definition of a Diffie-Hellman group number) on a generator value, g, and a modulus, p
  • each party independently chooses a secret value, shown in the diagram opposite as a (for Alice) and b (for Bob)
  • each party calculates the result of the generator, g, raised to the power of their secret value (a and b respectively), modulo p
  • these interim values are sent to the other party
  • each party completes the calculation by raising the interim result received to the power of their own secret value (a or b) modulo p
  • the final result obtained by each party is identical, and becomes the session key

The strength of the Diffie-Hellman protocol is that an eavesdropper knowing g and p, and intercepting the two interim results, cannot calculate the final key value.

(For those sceptical about this simple algorithm, it relies upon the fact that exponents are commutative; in other words, the order in which a number is raised to a sequence of powers does not affect the result. We also have a nice demonstration of the Diffie-Hellman calculation using the Windows calculator in engineering mode.)
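The steps listed above, worked through for both parties as an added example (not part of the original article). The toy group p = 23, g = 2 is constructed for illustration and the function names are hypothetical. The example goes slightly beyond the listed steps by validating each received interim value and hashing the final result into a fixed-length key.

```python
import hashlib
import secrets

# Constructed toy group for illustration: p = 2q + 1 with q = 11 prime, and
# g = 2 has order q. Real exchanges use a standard group of 2048+ bits.
P, G = 23, 2

def keypair(p, g, secret=None):
    """Pick a secret exponent and compute the interim value g^secret mod p."""
    if secret is None:
        secret = secrets.randbelow((p - 1) // 2 - 1) + 1   # 1 .. q-1
    return secret, pow(g, secret, p)

def validate_interim(y, p):
    """Reject received values that would make the final result predictable."""
    q = (p - 1) // 2
    if not 2 <= y <= p - 2 or pow(y, q, p) != 1:
        raise ValueError("interim value is not in the expected subgroup")
    return y

def shared_secret(received, own_secret, p):
    """Final step: raise the received interim value to our own secret, mod p."""
    return pow(validate_interim(received, p), own_secret, p)

def session_key(shared, p):
    """Hash the shared value into a 32-byte key (assumed step, not on the page)."""
    raw = shared.to_bytes((p.bit_length() + 7) // 8, "big")
    return hashlib.sha256(raw).digest()

def run_exchange(p=P, g=G, a=None, b=None):
    a, A = keypair(p, g, a)                     # Alice: secret a, sends A
    b, B = keypair(p, g, b)                     # Bob: secret b, sends B
    on_wire = {"p": p, "g": g, "A": A, "B": B}  # everything an eavesdropper sees
    return on_wire, shared_secret(B, a, p), shared_secret(A, b, p)

if __name__ == "__main__":
    wire, k_alice, k_bob = run_exchange(a=6, b=9)
    print("on the wire:", wire)
    print("Alice:", k_alice, "Bob:", k_bob)
    print("session key:", session_key(k_alice, P).hex())
```

The secrets a and b never appear in `on_wire`, and both parties arrive at the same value because (g^a)^b and (g^b)^a are equal modulo p.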
