Diffie-Hellman Key Exchange

Diffie-Hellman key exchange is a method by which two parties can agree on a shared secret key over a public channel without ever sending the key itself. It was introduced by Whitfield Diffie and Martin Hellman in their 1976 paper “New Directions in Cryptography,” which described public key distribution as a way to minimize the need for secure key distribution channels.

The method works through modular arithmetic. The two parties publicly agree on shared parameters (a prime modulus and a base), each picks a private number, and each sends the other the common base raised to its private number, reduced modulo the prime. Each side then raises the value it received to its own private number, again modulo the prime, and both arrive at the same shared result. An eavesdropper sees the exchanged values but cannot easily recover the secret, because doing so would require solving the discrete logarithm problem, which is believed to be computationally hard.
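The exchange described above, written out as an added example (not from the original article or from Diffie and Hellman's paper). It uses the small textbook parameters p = 23 and g = 5, constructed here for readability, and includes an eavesdropper's brute-force discrete-log search to show why those toy parameters are only illustrative and real deployments use much larger primes.

```python
import secrets
from typing import Optional

# Public parameters, agreed over the open channel (constructed toy values).
# A 5-bit prime is trivially breakable, as brute_force_discrete_log() shows;
# real deployments use primes of thousands of bits.
P = 23   # prime modulus
G = 5    # base (a generator of the multiplicative group mod 23)


def public_value(priv: int, p: int = P, g: int = G) -> int:
    """What each party sends: g raised to its private number, mod p."""
    return pow(g, priv, p)


def shared_secret(peer_pub: int, priv: int, p: int = P) -> int:
    """What each party computes locally: the peer's value raised to its own
    private number, mod p. Both sides get g^(a*b) mod p."""
    return pow(peer_pub, priv, p)


def random_private(p: int = P) -> int:
    """Pick a private exponent in [1, p-2] using a CSPRNG."""
    return secrets.randbelow(p - 2) + 1


def exchange(p: int = P, g: int = G) -> bool:
    """Run one full exchange with fresh private numbers and report whether
    both parties derived the same key. Only a_pub and b_pub are 'sent'."""
    a_priv, b_priv = random_private(p), random_private(p)
    a_pub, b_pub = public_value(a_priv, p, g), public_value(b_priv, p, g)
    return shared_secret(b_pub, a_priv, p) == shared_secret(a_pub, b_priv, p)


def brute_force_discrete_log(pub: int, p: int = P, g: int = G) -> Optional[int]:
    """Eavesdropper's view: recover a private number from a public value by
    trying every exponent. The work grows with p, which is exactly why the
    scheme relies on p being far too large for this to finish."""
    for x in range(1, p - 1):
        if pow(g, x, p) == pub:
            return x
    return None


if __name__ == "__main__":
    # Classic worked instance: Alice picks 6, Bob picks 15.
    a_pub, b_pub = public_value(6), public_value(15)            # 8 and 19
    print("public values:", a_pub, b_pub)
    print("shared secret:", shared_secret(b_pub, 6), shared_secret(a_pub, 15))  # 2 and 2
    print("eavesdropper recovers Alice's secret:", brute_force_discrete_log(a_pub))  # 6
```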

What made this radical, as Hellman’s pages emphasize, is that two strangers who have never met and share no prior secret can still establish a private key over an open line. Before 1976, secure communication required distributing keys in advance through a trusted channel.

Diffie-Hellman key exchange remains in everyday use. Hellman’s Stanford home page notes that public-key cryptography enables secure Internet transactions processing trillions of dollars every day, and key agreement of this kind is part of the HTTPS and TLS protocols that protect web traffic.