Chinese Yellow Pages | Classifieds | Knowledge | Tax | IME


This diagram illustrates the SSL or TLS handshake as described in the text preceding the diagram.

The combination of Diffie-Hellman and the use of ephemeral session keys are what enables “Forward Secrecy”: even if an attacker gains access to the server’s private key they are not able to passively listen in on the active session, nor can they decrypt previously recorded sessions.

Diffie-Hellman Key Exchange

Both A, B create the shared key together.

Prime number g, p will be chosen and let both sides known

A: pick a, and compute g^a mod p, send to B

B: pick b, and compute g^b mod p, send to A

to get the shared key:  A do: B^a mod p, and B do: A^b mod p

(ga mod p)b mod p = gab mod p
(gb mod p)a mod p = gba mod p



Leave a Reply

Your email address will not be published. Required fields are marked *