Is Diffie-Hellman Key Exchange an Asymmetric or Symmetric Algorithm?

Matthew Layton

3/7/23, 6:44 PM

To my understanding, the DHKE algorithm is symmetric since it only produces a shared secret, rather than public and private keys, however googling "is diffie hellman asymmetric?" results in the following:

Based on public key cryptography, the D-H algorithm is a method for securely exchanging a shared key between two parties over an untrusted network. It is an asymmetric cipher used by several protocols including SSL, SSH, and IPSec.

Wikipedia is particularly confusing. I've highlighted key phrases (no pun intended) as to why...

DH is one of the earliest practical examples of public key exchange implemented within the field of cryptography. Published in 1976 by Diffie and Hellman, this is the earliest publicly known work that proposed the idea of a private key and a corresponding public key.

The Diffie–Hellman key exchange method allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure channel. This key can then be used to encrypt subsequent communications using a symmetric-key cipher.

It is also possible to use Diffie–Hellman as part of a public key infrastructure, allowing Bob to encrypt a message so that only Alice will be able to decrypt it, with no prior communication between them other than Bob having trusted knowledge of Alice's public key. Alice's public key is (Ga mod p, g, p). To send her a message, Bob chooses a random b and then sends Alice Gb mod p (unencrypted) together with the message encrypted with symmetric key (Ga)b mod p. Only Alice can determine the symmetric key and hence decrypt the message because only she has a (the private key). A pre-shared public key also prevents man-in-the-middle attacks.

In practice, Diffie–Hellman is not used in this way, with RSA being the dominant public key algorithm. This is largely for historical and commercial reasons, namely that RSA Security created a certificate authority for key signing that became Verisign. Diffie–Hellman, as elaborated above, cannot directly be used to sign certificates. However, the ElGamal and DSA signature algorithms are mathematically related to it, as well as MQV, STS and the IKE component of the IPsec protocol suite for securing Internet Protocol communications.

There's a lot in there relating to Public/Private vs. Secret key, and Asymmstric vs. Symmetric, so I'm looking for some definitive information as to exactly what DHKE is.

Thank you.

243

0 + 0

public-key

symmetric

diffie-hellman

Score:4

Crypto

Daniel S

3/7/23, 7:13 PM

The Diffie-Hellman key exchange is an asymmetric algorithm that is used to establish a symmetric key.

In general asymmetric cryptography is when the communicators have access to different secret information and symmetric cryptography is when they have access to identical secret information. Symmetric cryptography is a less stringent model and so is typically more efficient. Asymmetric cryptography is primarily used to establish shared secrets so that subsequent communications can use the more efficient methods of symmetric cryptography.

In the Diffie-Hellman exchange users create their individual private secrets $a$ and $b$ and hence this is an asymmetric method. The public values $g^a$ and $g^b$ are then transmitted available to all. The shared secret value $g^{ab}$ is only supposed to be computable by the initial individuals. Once this shared key is established between the communicators, it can be used symmetrically between the two users.

0 + 0

ilkkachu

3/8/23, 9:21 AM

On the other hand... the steps of the DH algorithm are symmetric; both sides do the same operations, even if one of those is "generate a random integer", which obviously will produce different results for both. While when sending e.g. AES-CBC encrypted data, the sender would use $C = E_k(P)$ and the receiver would use $P = D_k(C)$, i.e. the steps are asymmetric. (Though in CTR, $E_k = D_k$, so that'd be symmetric again... Then again, anything authenticated would be asymmetric since creating the auth tag and checking it are two different operations...)

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Is Diffie-Hellman Key Exchange an Asymmetric or Symmetric Algorithm?

TH: Diffie-Hellman Key Exchange เป็นอัลกอริทึมแบบอสมมาตรหรือสมมาตรหรือไม่

RO: Schimbul de chei Diffie-Hellman este un algoritm asimetric sau simetric?

RU: Является ли обмен ключами Диффи-Хеллмана асимметричным или симметричным алгоритмом?

VI: Trao đổi khóa Diffie-Hellman là thuật toán bất đối xứng hay đối xứng?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.