And what is the difference between ECDH and DH?
Beginning
When we talk about the key exchange process, often we will see the algorithm being used is DH (Diffie-Hellman) or ECDH (elliptic curve diffie-hellman).
But wait, what is the key exchange process in the first place?
So in every secure connection, before transferring any data, the client and server have to negotiate a key to use for AES symmetric encryption. Remember we talked about how https TLS handshake works here? once the certificate is verified before data transportation, a “shared key” (or session key) has to be agreed upon between the client and server used for symmetric (for example AES) encryption. even though AES encryption (if you not sure how the “11 rounds” works, here is a step-by-step guide) is secure, however, it is very important to make sure the “shared AES key” not be stolen by the man-in-the-middle.
So now I believe you can picture and position the key exchange process for a secure connection (e.g. TLS or Sftp connection). let’s dive into the details.
So how DH (Diffie-Hellman) algorithm works
So Client and Server choose a public key p (a large prime number) and a non-zero integer g. Both…
