# Diffie-Hellman key exchange

In a **Diffie-Hellman (DH) key exchange**, two people first agree on two numbers to use in the DH algorithm. Then they independently and randomly generate a random integer. Then each computes a value—using the chosen random integer and the two DH numbers—and sends this value to the other.

Then each person computes a second value, using the exchanged value and the DH algorithm. The resulting value is the same on both sides, and therefore can be used for symmetric encryption by both parties. But no one else in the world can come up with the same value from the public value passed through the Internet, since the second computed value also depends on the private values, which remain secret.

The derived DH value can be used either as a session key for subsequent exchanges or to encrypt yet another key, which can then be passed through the Internet quite safely.

However, authentication is needed to protect even DH exchanges against the man-in-the-middle. Without authentication, a man-in-the-middle could use an active attack to get in on the action and plant his own keys. When the DH exchange mechanism used is protected by an authentication scheme, DH allows generation of new values that are independent of older values—providing perfect forward secrecy.

The DH group parameters in the IKE SA allow parties to agree on the numbers used in the DH exchange. The parties need two numbers—a large known prime number and a generator number. By default, IKE specifies four groups that are available for selection by both parties. If they wish to add new groups to select from, they can choose to do so.

## The Secret of Diffie-Hellman Key Exchange

In 1976, Whitfield Diffie and Martin Hellman published “New Directions in Cryptography,” and the field of public key cryptography was born. Through a fairly simple mathematical process, two parties can publicly exchange a numeric value that enables them to create a private key they can use thereafter in conversation with each other. The beauty of the Diffie-Hellman (DH) algorithm is that it works regardless of the medium. Two computers on a LAN—or people in a tavern—can use the same process to publicly create a private key.

Since this method of key exchange is used commonly in VPNs and secure communications, it is worth understanding at some level how this exchange works. For purposes of demonstration, small integers will be used. However, to make it more difficult for attackers to figure out what the key is, computers use huge numbers (i.e., 100 digits plus) that make it computationally infeasible to reverse engineer.

For example, Alice and Bob, wishing to communicate in secret, publicly agree on two values, a root value and a modulus value. For this example, they agree upon the generator as 2 and the modulus as 997. They each then choose a secret number of their own. Alice chooses 78, and Bob chooses 45. Using the formula 2^78 mod 997, Alice sends the result of 400 to Bob. Bob then uses the same formula, except with his own secret value (2^45 mod 997=283), and sends the result of 283 to Alice. Alice has 283 from Bob, and Bob has 400 from Alice.

Then Alice uses the value Bob sent her and her secret value in the following formula: 283^78 mod 997=300. Bob performs the same calculation with the value Alice sent him and his secret value: 400^45 mod 997=300. The value that each equation finds is the secret key. Bob and Alice let everyone know what the root modulus and value of their initial exchange are. Yet eavesdroppers can not figure out that the eventual secret is 300 because they never know what Alice and Bob’s secret value is.