The Diffie-Hellman algorithm (D-H algorithm) is a cryptographic protocol that is used to create an encrypted connection between communicating parties over an unsecured channel, without the need to determine the encryption key in advance. The result of the algorithm is a symmetric encryption key, which can be used to encrypt the rest of the communication.
One advantage is that a potential attacker cannot get this key by eavesdropping (interception). The key is created by all participants in this communication and is never sent in an open form. This algorithm guarantees the exchange of a common key in such a way that if the attacker listens to this communication, it is unable to reconstruct the combined key based on the intercepted information.
One disadvantage of this protocol is the defenselessness of Man in the Middle-type of attack, because it does not allow authentication of participants. This protocol, without any combination with other authentication methods, is therefore only appropriate when an attacker cannot disturb communication in an active way.
The module size specifies the type of the group. Usually, there are such groups: 1, 2 and 5. The number of group indicates the length of key - DH-1 (768 bits), DH-2 (1024 bits), DH-5 (1535 bits), DH-14 (2048 bits).
Calculation of the resulting value is very easy (fast), but it is very difficult to find some of the values known only by another participant. This principle, which is the basis of security of this algorithm, is known as the discrete logarithm problem.
Communication using the D-H algorithm proceeds as follows: