Diffie-Hellman Key Exchange

The Diffie-Hellman key exchange is a method that allows two parties that have no previous knowledge of each other to securely establish a shared secret key over a public channel. This key can be used to encrypt communications using a symmetric key cipher.

Diffie-Hellman was the first widely-used method of securely developing and exchanging keys over an insecure channel. It was created by Ralph Merkle in 1976, who named the key exchange after Whitfield Diffie and Martin Hellman, two American cryptographers who aided in creating the key exchange. This development was extremely valuable among public key cryptography and is still implemented in today’s security protocols.

This method of key exchange is used to secure a multitude of internet services, although research has suggested that well-funded attackers can now compromise it. Because of that, RSA is frequently used in place of the Diffie-Hellman key exchange due to its algorithm being capable of signing public-key certificates.

How the Diffie-Hellman key exchange works

The Diffie-Hellman exchange key is complex and uses large numbers and ample amounts of math. For the sake of simplicity, we’ll use an analogy of two people mixing paint: Alice and Bob. They both need to agree on a random color to start with. They send each other a message and decide on yellow being the common color. While they have a common public color, Alice and Bob each have a secret color that they keep to themselves. Alice chooses red and Bob chooses blue.

In the next step, each mixes their secret color with the yellow they commonly agreed upon. So, Alice now has an orange mixture, and Bob has a green mixture. Once the mixing is finished, they “publicly exchange” (send) their paint mixtures to each other. Once they each receive the mixed results from their partner, they then add their own secret color to it. So, Alice takes the green mixture and adds her red paint to it. Bob takes the orange mixture and adds his blue paint to it.

All of this mixing results in an identical common color for both: brown. This shared color is referred to as the common secret. This is critical to the Diffie-Hellman key exchange. Both parties end up with the same result without ever needing to send the entirety of the common secret across the communication channel.

If an attacker is eavesdropping on the exchange, all they can access is the common yellow color both Alice and Bob started with and the mixed colors that were exchanged. These individual pieces of information aren’t enough for the attacker to discern the initial secret colors of the common secret. This allows the two parties to communicate over a potentially dangerous connection and still come up with a shared secret to make encryption keys for future communication.

Webopedia Staff
Webopedia Staff
Since 1995, more than 100 tech experts and researchers have kept Webopedia’s definitions, articles, and study guides up to date. For more information on current editorial staff, please visit our About page.
Get the Free Newsletter
Subscribe to Daily Tech Insider for top news, trends & analysis
This email address is invalid.
Get the Free Newsletter
Subscribe to Daily Tech Insider for top news, trends & analysis
This email address is invalid.

Related Articles

Complete List of Cybersecurity Acronyms

Cybersecurity news and best practices are full of acronyms and abbreviations. Without understanding what each one means, it's difficult to comprehend the significance of...

Human Resources Management System

A Human Resources Management System (HRMS) is a software application that supports many functions of a company's Human Resources department, including benefits administration, payroll,...

How To Defend Yourself Against Identity Theft

Almost every worldwide government agency responsible for identity theft issues will tell you the same thing: The first step to fighting identity theft is...


An infographic is a visual representation of information or data. It combines the words information and graphic and includes a collection of imagery, charts,...


ScalaHosting is a leading managed hosting provider that offers secure, scalable, and affordable...


Human resources information system (HRIS) solutions help businesses manage multiple facets of their...

Best Managed Service Providers...

In today's business world, managed services are more critical than ever. They can...