Neil Rieck
Waterloo, Ontario, Canada.
https://neilrieck.net
Caveat: This demo occasionally breaks at this hobbyist site. If you notice any problems then please send me an email.
Update: This demo broke after I migrated this system from CentOS7 to AlmaLinux8 (via ELevate), which introduced a new version of Apache. While CGI
scripting continued to work via http, it failed via https.
Additional information for inquiring minds
- Overview
- The Diffie-Hellman algorithm occurs as part of the symmetric key cryptography
handshake (the same key is used to encrypt and decrypt). Think about a cell-door lock seen in western movies, where one key is used to both lock and unlock.
- Eve, the eavesdropper, can see a few things (RED), which could be worrisome for those people who think that a supercomputer could be used to
play along.
- However, if this handshake is concealed by asymmetric key cryptography (also
known as public key cryptography) where a public key (which is derived from the server's certificate) is used to encrypt (lock), but a private key is
used to decrypt (unlock), then Eve will see no part of the symmetric handshake.
- Why not use asymmetric keys all the time?
- first off, asymmetric key cryptography is CPU intensive while symmetric key cryptography is much less so.
- secondly, there is an added benefit to using two levels of obfuscation.
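
The exchange described in the overview, as an added example (this is not the source code of the demo on this page). It shows exactly which values Eve sees on the wire and why the size of the prime decides whether she can "play along". The parameters `P = 65537` and `G = 3` are constructed toy values, and all function names are illustrative.

```python
import secrets

# Constructed toy parameters (assumption, not from the page): 65537 is prime
# and 3 is a primitive root modulo 65537. Real groups are 2048 bits or larger.
P = 65537
G = 3

def keypair(p=P, g=G):
    """Return (private exponent, public value g^private mod p)."""
    private = secrets.randbelow(p - 3) + 2      # uniform in [2, p-2]
    return private, pow(g, private, p)

def shared_secret(their_public, my_private, p=P):
    """Each side raises the other's public value to its own private exponent."""
    return pow(their_public, my_private, p)

def exchange(p=P, g=G):
    """Run one handshake; return Alice's secret, Bob's secret and Eve's view."""
    a, A = keypair(p, g)                        # Alice keeps a, sends A
    b, B = keypair(p, g)                        # Bob keeps b, sends B
    eve_view = {"p": p, "g": g, "A": A, "B": B} # everything sent in the clear
    return shared_secret(B, a, p), shared_secret(A, b, p), eve_view

def eve_exhaustive_search(view):
    """Recover the secret from public values alone by trying every exponent.

    Returns (secret, steps). The loop runs up to p-1 times, which is trivial
    for a 17-bit prime and the reason real groups use very large primes.
    """
    p, g, A, B = view["p"], view["g"], view["A"], view["B"]
    value = 1
    for x in range(1, p):
        value = (value * g) % p                 # value == g^x mod p
        if value == A:
            return pow(B, x, p), x
    raise ValueError("A is not a power of g modulo p")

if __name__ == "__main__":
    alice, bob, view = exchange()
    print("Eve sees:", view)
    print("Alice and Bob agree:", alice == bob)
    print("Eve's search (secret, steps):", eve_exhaustive_search(view))
```

The search succeeds here only because the prime is tiny; its cost grows in proportion to the prime, which is why the public values alone are not enough against a properly sized group.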
- Source Code: