What is Diffie-Hellman key exchange?
D5 · Crypto · CompTIA Security+ SY0-701
Diffie-Hellman (DH) is a key exchange protocol that allows two parties to establish a shared secret key over an insecure public channel, without ever sending the key itself.
Analogy: mixing paint colors. Each party has a private color, shares a public color, mixes privately; both end up with the same final color without revealing their private color.
DHE / ECDHE (Ephemeral variants): generate new key pairs for each session, providing Perfect Forward Secrecy (PFS).
DH solves the key distribution problem for symmetric encryption. ECDHE is used in TLS 1.3 and provides forward secrecy: past sessions can't be decrypted even if the server's private key is later compromised.