Diffie-Hellman, often referred to as the Diffie-Hellman key exchange or DH, is a cryptographic protocol that enables two parties to securely establish a shared secret key over a public channel, even if they have no prior knowledge of each other. This shared key can then be used for symmetric encryption, allowing for secure communication between the parties.

The core idea is that both participants, commonly called Alice and Bob, agree on two public values: a large prime number and a base (generator). Each party then chooses a private, secret number (their private key), computes a corresponding public value, and exchanges these public values over the insecure channel. Using their own private key and the other party's public value, both can independently compute the same shared secret, which is computationally infeasible for an eavesdropper to determine, even if they see all the public information exchanged.
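The exchange described above, as an added example that is not part of the original page: both sides generate a key pair, swap public values, check the value they received, and hash the shared secret into a symmetric key. The names `P`, `Q`, `G` and all function names are assumptions of this example, the group is a constructed toy (far too small for real use), and authenticating the public values is out of scope.

```python
import hashlib
import secrets

# Constructed toy group, for illustration only: P = 2*Q + 1 is a safe prime.
# Real deployments use a standardized group of at least 2048 bits.
P = 2039   # public prime modulus
Q = 1019   # prime order of the subgroup generated by G
G = 4      # 4 = 2^2 is a quadratic residue mod P, so it has order Q


def keypair(p=P, q=Q, g=G):
    """Return (private, public); the private key is uniform in [1, q-1]."""
    priv = secrets.randbelow(q - 1) + 1
    return priv, pow(g, priv, p)


def valid_public(y, p=P, q=Q):
    """Accept only values in [2, p-2] that lie in the order-q subgroup.

    This rejects 0, 1 and p-1, which would force the shared secret into a
    tiny set of values whatever private key the local side holds.
    """
    return isinstance(y, int) and 2 <= y <= p - 2 and pow(y, q, p) == 1


def shared_key(priv, peer_pub, p=P, q=Q):
    """Validate the peer's public value, then derive a 32-byte key."""
    if not valid_public(peer_pub, p, q):
        raise ValueError("peer public value rejected")
    secret = pow(peer_pub, priv, p)            # g^(a*b) mod p on both sides
    width = (p.bit_length() + 7) // 8          # fixed-width encoding
    # SHA-256 stands in for a real KDF such as HKDF in this example.
    return hashlib.sha256(secret.to_bytes(width, "big")).digest()


def exchange():
    """Run one exchange; only a_pub and b_pub would cross the channel."""
    a_priv, a_pub = keypair()                  # Alice
    b_priv, b_pub = keypair()                  # Bob
    return shared_key(a_priv, b_pub), shared_key(b_priv, a_pub)


if __name__ == "__main__":
    alice_key, bob_key = exchange()
    print(alice_key.hex(), alice_key == bob_key)
```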