This is the
talk page for discussing improvements to the
Diffie–Hellman key exchange article. This is not a forum for general discussion of the article's subject. |
Article policies
|
Find sources: Google ( books · news · scholar · free images · WP refs) · FENS · JSTOR · TWL |
Archives: 1Auto-archiving period: 90 days |
This
level-5 vital article is rated C-class on Wikipedia's
content assessment scale. It is of interest to the following WikiProjects: | |||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
This page has archives. Sections older than 90 days may be automatically archived by Lowercase sigmabot III when more than 5 sections are present. |
The second paragraph states:
The Diffie–Hellman key exchange method allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure channel
The linked page defines that an "insecure channel" is "unencrypted and may be subject to eavesdropping and tampering". Since DH doesn't protect against MITM, perhaps we should change this to say 'authentic channel', as "an authentic channel is a means of data transmission that is resistant to tampering but not necessarily resistant to overhearing."? -- Raboof ( talk) 08:25, 17 January 2023 (UTC)
the Diffie–Hellman exchange by itself does not provide authentication of the communicating parties and is thus vulnerable to a man-in-the-middle attack.
Given that Diffie–Hellman key exchange is anonymous, the example of a MITM attack between Alice, Bob and Mallory doesn't make sense, because Alice doesn't know who she is talking to!
I've experimented with reworking the DH algorithm graphics to add a temporal dimension, but I lack the skills and wikipedia experience to turn my ideas into something usable; rather than pollute this page with excessive discussion, I wrote up the concepts at https://alecmuffett.com/article/14750 and would be interested to chat with anyone regarding whether this is actually a better proposal than the extant diagrams. Alecmuffett ( talk) 21:14, 30 May 2021 (UTC)
There is a method to choose the values, there aren't random. You must choose a prime p, a q which divides p-1 and a generator of order q. In the example, g is not a order q genereator. You can check it with g^q mod p != 1. 5^11 mod 23 != 1. If you choose q=2, it's a example trivial, I suppose you choose q=11. 23-1=22=2*11 — Preceding unsigned comment added by 193.146.209.194 ( talk) 09:36, 23 November 2021 (UTC)
Salom 84.54.73.215 ( talk) 16:56, 29 April 2023 (UTC)
The main image on this article I think might be incorrect? My understanding (from this article even) is that a single public key is agreed upon? The image has Bob and Alice each using their public keys. Can someone correct/corroborate me on this? Epachamo ( talk) 21:31, 9 December 2023 (UTC)
It was proposed over at Talk:Signal Protocol that Post-Quantum Extended Diffie-Hellman might usefully be merge here, for reasons of short text and context. Let's discuss the new proposal here. Klbrain ( talk) 14:56, 28 January 2024 (UTC)