Definitions for **"Diffie-Hellman"**

**Related Terms:** Diffie-Hellman key exchange, Perfect forward secrecy, PFS, Asymmetric cryptography, PKC, Public-key cryptography, Key pair, Public/private key pair, Secret key, Public key encryption, Asymmetric encryption, Private key, Symmetric key, IKE, Symmetric-key cryptography, Keyring, Key exchange, Symmetric algorithm, Key generation, Symmetric cryptography, Public key cryptography, Key recovery, Symmetric encryption, Public key, Preshared key, Key, PKE, Session key, Cryptosystem, RSA encryption, Private key encryption, Public-key encryption, Internet key exchange, Pre-shared key, Cryptographic key, Symmetric cipher, Triple DES, Encryption key, Cipher suite, Encryption algorithm, RSA, Public key cryptography standards, TKIP, Cryptographic algorithm, Ciphertext, Blowfish, Triple-DES, Public-key infrastructure, RSA algorithm, PKCS

A key exchange algorithm that was the first public-key algorithm ever invented. Diffie-Hellman can be used anonymously (without authentication). Anonymous Diffie-Hellman is used to establish the connection between the RingMaster management application and a Mobility Exchange (MX) switch.

Public key crypto algorithm that generates a shared secret between two entities after they publicly share some randomly generated data.

A public-key algorithm, invented in 1976.

The Diffie-Hellman Method For Key Agreement allows two hosts to create and share a secret key. VPNs operating on the IPSec standard use the Diffie-Hellman method for key management. Key management in IPSec begins with the overall framework called the Internet Security Association and Key Management Protocol (ISAKMP). Within that framework is the Internet Key Exchange (IKE) protocol. IKE relies on yet another protocol known as OAKLEY and it uses Diffie-Hellman.

Asymmetric algorithm named for its creators, Whitfield Diffie and Martin Hellman.

A cryptographic key-exchange algorithm that is part of many standards. See also X9.42.

A protocol used to securely share a secret key between two users. Diffie-Hellman protocol uses a form of public key exchange to share the secret key. Diffie-Hellman is known to be susceptible to an interceptor's attack, but authenticated Diffie-Hellman Key Agreement, a later enhancement, prevents such a middle-person attack.

A key-agreement algorithm used to create a random number that can be used as a key over an insecure channel.

A key agreement algorithm published by Whitfield Diffie and Martin Hellman.

The oldest public-key cryptosystem still in use. Does not support either encryption or digital signatures. System is designed to allow two individuals to agree on a shared key, even though they only exchange messages in public.

Diffie-Hellman is a key-exchange protocol that does not require a prior shared secret. It can be used to establish a secure symmetric key. The Diffie-Hellman protocol is vulnerable to the man-in-the-middle attack, and must be used with additional authentication mechanisms.

Method to generate a symmetric key where the two parties can publicly exchange values and generate the same symmetric key. Start with prime p and generator g, which may be publicly known (typically these numbers are from a well-known "Diffie-Hellman Group"). Each party selects a private value (a and b) and generates a public value (g**a mod p and g**b mod p). They exchange the public values. Each party then uses its private value and the other party's public value to generate the same symmetric key ((g**a)**b mod p and (g**b)**a mod p, which both evaluate to g**(a*b) mod p) for future communication. It must be combined with authentication to prevent man-in-the-middle or third-party (spoofing) attacks. Typically, it's combined with public/private key certificates (when sending the public value, each party signs the public value with its private key and includes a certificate).

A public-key cryptography protocol, first published in the 1970s. It allows two parties to establish a shared secret over an insecure communications channel and is used within IKE to establish session keys.

The first public key algorithm, invented in 1976, using discrete logarithms in a finite field.

A mathematical algorithm that allows two users to exchange a secret key over an insecure medium without any prior secrets. This protocol, named after the inventors who first published it in 1976, is used in Virtual Private Networking (VPN).

Method of key exchange across a nonsecure environment, such as the Internet. The Diffie-Hellman algorithm negotiates a session key without sending the key itself across the network by allowing each party to pick a partial key independently and send part of it to each other. Each side then calculates a common key value. This is a symmetrical method and keys are typically used only for a short time, then discarded and regenerated.

The first workable public key cryptographic system, still widely used in Internet browsers such as Secure Socket Layer (SSL) and Internet Protocol Security (IPsec). Diffie-Hellman confidants use public (insecure) communication lines to agree on a shared secret key.

A public-key algorithm used mostly for exchanging keys; its security rests on the difficulty of computing discrete logarithms in a finite field, generated by a large prime number.