The protocol is based on modular exponentiation using a public base g, a public modulus p, and private exponents secretly chosen by each participant. For Alice and Bob to agree on a secret key, Alice first chooses a large integer a and Bob chooses a large integer b. Alice then calculates (ga mod p) = A and sends A to Bob, while Bob calculates (gb mod p) = B and sends B to Alice. Alice computes her key as Ba mod p, and its identical to Bobs key, Ab mod p, because both are equivalent to gab mod p. Alice and Bob can now use the shared key with a cipher of their choice for secure communication, as you can see from my simple demonstration.
You can enter exponents from 2 to 999 for Alice and Bob, then click Go! to see the calculations and verify that both participants wind up with identical keys. (If you choose exponents no greater than 256, youll be able to see the intermediate results in the modular exponentiation. Displaying larger results would require a very wide screen!)
An adversary will find it extremely difficult to determine a, b, or the shared key from the publicly available information (g, p, A, and B). Even Alice and Bob cant deduce each others exponent. (In this simple demo, it might be feasible to reconstruct the private exponents because my program wont allow exponents larger than 3 digits, but a real-world implementation would use exponents perhaps 300 digits in length. I kept the exponents small not because of any computational difficulties with large numbers, but simply to facilitate displaying the exponents onscreen.)
With more than 2 people, everyone passes the intermediate results to the person on their right until the keys have been determined, requiring n - 1 exchanges for n people. Ive included demos for 3 and 4 people, illustrating again that the final keys will be identical.References: