The Diffie-Hellman key exchange protocol was developed by Whitfield Diffie, Martin E. Hellman and Ralph Merkle in 1976.
CrypTool contains a visualization of the Diffie-Hellman key exchange protocol. You can access it via the menu item Individual Procedures / Diffie-Hellman Demonstration. For the dialog Diffie-Hellman Visualization online help is offered too.
Furthermore CrypTool offers an exemplary execution of the key exchange protocol with small numbers in order to ease your understanding.
Despite communicating via a non-secure line, the protocol enables two or more parties to negotiate on a secret key which is solely known to the participating parties.
For better comprehension the two participating parties will be described as Alice and Bob. The following drawing is to give a quick overview of the Diffie-Hellman key exchange protocol:
The secret and common key, often described as session key, depends on the following parameters:
The protocol is based on the discrete logarithm problem, that is making use of a so-called one-way-function property: Whereas the computation of a mathematical one-way-function is of low complexity, the inverse operation is extremely hard to accomplish.
The creation of the session key at the end of the protocol is based on such a one-way-function: Even if a potential attacker has knowledge of the shared keys of both Alice and Bob, it is hardly possible for him to compute the session key; depending on the key length, it can easily turn out as impossible for the attacker to calculate the session key.
Increasing the prime module p directly affects the complexity to compute the session key. Anyhow, the additional expenses to compute the exponential function are bearable for Alice and Bob.
Contrary to the situation of Alice and Bob, the attacker needs to compute the discrete logarithm, which is the inversion of the exponential function. This effort increases much more than the effort necessary for the two communication partners.
For this reason the safety of the Diffie-Hellman key exchange protocol depends essentially on the size of the prime module p. In practical prime module numbers are considered safe if their bit length has at least 1024 bit, which complies with a 300-digit decimal number.
Besides the prime module p, the secret numbers of Alice and Bob need to be of a certain length in order to prevent the attacker from correctly guessing the session key by chance. Thus, in practice secrets should be at least 80 bit long (25-digit decimal number).
Remark 1:
The key exchange protocol according to Diffie-Hellman is NOT an encryption method, it is merely used to agree on a secret and common key.
Remark 2:
The Diffie-Hellman protocol is vulnerable against "Man-In-The-Middle" attacks:
The attacker attempts to personate as Alice for Bob and at the same time to personate as Bob against Alice (the attacker stands in the middle of the communication between Alice and Bob). If he is successful then he obtains via the Diffie-Hellman protocol a common secret key with Alice and a second common secret key with Bob.
This attack can be prevented via digital certificates by the secure identification of the communication partners.
Remark 3:
Additional information on the mathematical background can be found