Diffie-Hellman key exchange is a cryptographic protocol that allows two communicators (conventionally named Alice and Bob) to agree on a secret key over an insecure communication channel. Once the shared secret key has been established, Alice and Bob can use it to conventionally encrypt their secret communication. It is named for its inventors, Whitfield Diffie and Martin Hellman.
The protocol is as follows:
The protocol is considered secure against eavesdroppers if G and g are chosen properly: the eavesdropper ("Eve") has difficulty to compute the element gab, because she would have to solve the Diffie-Hellman problem related to discrete logarithms in order to deduce a from ga and b from gb.
If Alice and Bob use random number generators whose outputs are not completely random but can be predicted to some extent, then Eve's task is much easier.
The protocol is vulnerable to the man in the middle attack in which the attacker is able to read and modify all messages between Alice and Bob. Workarounds exist, such as digitally signing each message, which is possible if Alice and Bob have a public key infrastructure.
Diffie-Hellman key exchange was invented in 1975 or 1976 during a collaboration between Whitfield Diffie, Martin Hellman and Ralph Merkle and was the first practical method for establishing a shared secret over an unprotected communications channel. It had been discovered by Malcolm Williamson of GCHQ in the UK some years previously, but GCHQ chose not make it public until 1997, by which time it had no influence on research.