The Diffie-Hellman key exchange is a method of securely exchanging cryptographic keys over a public channel. In various systems, the protocol uses a multiplicative group of integers modulo p, where p is a prime. A public value g is a primitive root of modulo p and is raised to an exponent that is secret on each side of the cryptographic transaction. Due to the features of multiplicative groups, the exchange of two primitive roots, each raised to a secret for one of the parties, can be combined together to form a shared secret between the two parties. Due to the discrete logarithm problem an eavesdropper is unable to easily derive the shared secret.
A variation or a special case of the Diffie-Hellman key exchange utilizes elliptic curve cryptography (ECC). In ECC, the group is not a multiplicative group of a finite field, but rather a subgroup of an elliptic curve. The use of elliptic curves allows for a smaller group size than a multiplicative group to achieve the same level of security.
In some forms of Diffie-Hellman key exchange, one party may re-use a secret value many times. This practice may be called static Diffie-Hellman. Jung Hee Cheon, in a paper entitled “Security analysis of the strong Diffie-Hellman problem.” Advances in Cryptology—EuroCrypt 2006, LNCS 4004, pg. 1, Springer, 2006, which is incorporated herein by reference, found that in a group size q, if q−1 or q+1 has factors of a certain size, then the static Diffie-Hellman problem is actually considerably easier than best known attacks on the Diffie-Hellman problem. In particular, the Cheon algorithm involves the adversary choosing various points Q and seeing a shared secret xQ by getting a first participant to apply the static private key x to Q. Such Cheon attack makes the Diffie-Hellman protocol less secure.