Diffie-Hellman

Elliptic curve Diffie-Hellman (ECDH) is a variant of the Diffie-Hellman protocol that uses elliptic curve cryptography. It is an anonymous key agreement protocol that allows two parties, each having an elliptic curve public-private key pair, to establish a shared secret over an insecure channel. This shared secret may be used directly as a key or, better, to derive another key that is then used to encrypt subsequent communications with a symmetric-key cipher.

Alternative protocols include Fully Hashed MQV (FHMQV), an authenticated key agreement protocol based on the Diffie-Hellman scheme. SSL supports forward secrecy using two algorithms: standard Diffie-Hellman (DHE) and the version adapted for use with elliptic curve cryptography (ECDHE).

ECDHE and DHE are the cornerstones of conventional SSL-secured web connections. DHE is significantly slower than ECDHE, and ECDHE is supported by all major modern browsers. The Curve25519 function was carefully designed to allow all 32-byte strings as Diffie-Hellman public keys. ECDHE can also be used to protect sensitive data, such as pseudonymized data that is used as part of a Data Fading policy.

This article is licensed under the GNU Free Documentation License. It uses material from the Wikipedia article "Elliptic curve Diffie-Hellman".