You've requested...

Share this with your colleagues:

Diffie-Hellman Key Exchange - A Non-Mathematician's Explanation

If a new window did not open, click here to view this asset.

Download this next:

Jargon Buster Guide to Post Quantum Cryptography

Post-quantum cryptography is appearing on a growing number of security-related conference agendas as a range of different countries invest in quantum computing and report progress in this regard because viable quantum computers pose a direct threat to most of the encryption systems currently used to protect the most sensitive information by governments and military and commercial organisations.

The problem lies in the fact that most public key cryptography is based on asymmetric encryption systems that are based on complex mathematical problems that would even take a super computer a long time to solve. However, computers based on quantum mechanics will theoretically be able to able to carry out integer factorisation of very large prime numbers and compute discrete logarithms very quickly, allowing attackers to be able to discover the encryption keys for targeted systems.

To ensure that extremely sensitive data held by governments and military and commercial organisations is still secure in a post-quantum era, when attackers will be able to access quantum computers, many experts in the field believe that organisations that rely on encryption to keep data safe should be investigating post-quantum alternatives already so that they are ready to switch to these systems as soon as they are necessary.

The definitions and articles in this e-guide Jargon Buster will help you understand the key concepts of quantum computing and why businesses should be acting now to ensure they are able to encrypt sensitive data in a secure way in a post-quantum era.

These are also closely related to: "Diffie-Hellman Key Exchange - A Non-Mathematician's Explanation"

  • Definitive Guide to Exchange Server 2010 Migration: Chapter 1: Under the Hood of Exchange Server 2010

    Exchange Server 2010 has been hailed as more than just an upgrade from Exchange 2007. Its improved email-archiving, high-availability and storage features seem to have solved many Exchange administrator and user frustrations. So, maybe now is the time for your organization to upgrade to Exchange 2010. Do you know what you’re getting into? Do you have a plan?

    This expert e-book highlights all the complicated aspects of migrating to this new platform. Discover how to move further along in the migration process, with details describing key topics such as:

    • How to properly document an upgrade for administrators and users
    • Step-by-step directions on how to move from Exchange 2003 or Exchange 2007 to Exchange Server 2010
    • Exchange testing dos and don’ts
    • Key management tips and tricks to keep your servers running at peak condition

    Intel and the Intel logo are trademarks of Intel Corporation in the U.S. and/or other countries.


  • The exploitation of flaws in the HTTPS protocol

    The HTTPS protocol is a vital tool in safeguarding the security of our personal and business lives. This protocol ensures that important data such as financial information, intellectual property and login credentials are encrypted and integrity protected as they travel across the internet. Ultimately this means a malicious observer is unable to obtain, view, use or sell this important data. To both technical and non-technical users, the presence of “HTTPS” at the start of the website URL will provide enough confidence to consider entering sensitive information such as bank or credit card details. However, in this article we will explain how even websites owned by the most reputable organisations may be exposed to a 20-year-old attack – originally known as the “Million Message Attack” due to Daniel Bleichenbacher – if HTTPS is not properly implemented. Around 33% of internet servers were found to be vulnerable to this attack in 2016, and both Facebook and PayPal remained vulnerable in 2017. Furthermore, related weaknesses in HTTPS implementations are still regularly being discovered. As a result, a secure TLS implementation is imperative for all organisations looking to maintain their business reputations and sensitive intellectual property.

Find more content like what you just read:

  • Zero-Trust & App-Specific Networking: Deliver secure connectivity instantly

    Read this white paper to learn about a new networking platform designed to enable secure and reliable connect applications without the constraints of VPNs, custom hardware and private circuits.


  • Expert E-zine: Who has access to your email?

    In this edition of The Exchange Insider, explore the next steps for your email messaging platform with the following Exchange topics: Evaluating Office 365, auditing Exchange 2010 and troubleshooting virtualized Exchange Servers.


  • The Global State of Enterprise Mobility 2014/15

    An exclusive look at where buyers are investing in enterprise mobility and the drivers behind the market.


  • Exchange Migration E-Book Chapter 2: Mastering the Art of Migration Documentation

    This sample chapter explains how to draft a useful migration document and outlines key points your Exchange Server upgrade document should include, such as management strategies, storage design, software compatibility and more.


  • Step-by-step Guide to Migrating from Exchange 2003 to Exchange 2010

    While Exchange 2010 promises to offer enhanced communication and collaboration capabilities, the migration process can still be a challenge for even the most diligent IT professional. Take a look at this e-book from the editors at for a top-to-bottom, expert analysis of the Exchange migration process.


  • Storage Buyer's Checklist: Solid-State Storage Arrays

    In this expert Essential Guide, check out solid-state storage array options, purchasing considerations and access a buyer's feature checklist. Make a better decision today!


  • Exchange Insider E-Zine vol. 11: Office 365, mobile devices, Exchange security

    In this edition of the Exchange Insider E-Zine, explore how to migrate to Office 365, support mobile devices and protect your Exchange Server environment from the latest threats.


  • How managed file transfer can help with critical business initiatives

    Managed file transfer (MFT) software is used to automate and encrypt the data exchanged between an organization and its trading partners, users, and employees—but it can still help solve problems outside of your basic file transfer needs.


  • Maximize ROI with a Managed File Transfer Tool

    Download this white paper to learn about managed file transfer, a secure tool that simplifies and encrypts the exchange of data between systems, employees, and customers using a single point of control that has extensive security settings.


  • Exchange Insider E-Zine - Volume 10: Who’s Reading Your Email?

    With more business being conducted via email and an increasing reliance on messages, concerns about mail server security, accessibility and admin privileges (or excessive privileges) are completely valid. Volume 10 of the Exchange Insider e-zine dissects two types of Exchange 2010 auditing and explains why you should use them.


  • Protecting against modern password cracking

    This article in our Royal Holloway Security Thesis series explains just how insecure passwords are and offers advice on alternative methods of security.


  • IT Handbook: Exchange Virtualization for VMware

    VMware has received a lot of attention for its flexibility and reliability, but that doesn't guarantee it's the best hypervisor for your Exchange environment. This IT handbook examines how VMware compares to Microsoft and Citrix and discusses tools and tips to help you navigate the Exchange virtualization process with ease.


  • E-Guide: Requirements for Virtualizing Exchange Server 2010

    This expert e-guide provides you with everything you need to know about virtualizing Exchange 2010. Discover the hardware, storage, memory, and availability requirements you will have to meet as well as the steps you must take before getting started with this process.


  • Virtualizing your Exchange Server: Fact vs. fiction

    Find out what's fact and what's fiction about virtualizing your Exchange Server. What steps should you take, and how can you ensure success? Explore all these questions and more in this e-book.


  • Building trust in the security of RFID systems

    This article in our Royal Holloway Information Security Thesis Series looks at the growing need for automated tools to verify protocols and address concerns over security and privacy.


  • Machine learning concepts for everyone

    This easy-to-read, entry-level e-book explains all the basics of machine learning, without the technical lingo that bogs it down. Read on for more information.


  • How to secure telecommunications in the age of 5G and IoT

    Download this white paper to learn why privileged access management is key to protecting telecom's critical infrastructure.


  • Getting started with automation: The first steps

    In this guide for IT, find out what it takes to build a successful automation integration strategy, focused on two key areas – infrastructure and business processes.


  • Top strategies to master an Exchange 2010 migration

    Find out how you can avoid the most common mistakes that Exchange admins make when migrating to Exchange 2010 in this e-guide. Plus, gain tips for how to properly document and plan your migration.


  • E-Book: Definitive Guide to Exchange 2010 Migration Chapter 4: Load Testing and Security Exchange 2010

    This chapter explains how to test Exchange 2010 with native and third-party management tools and how best to protect your investment.


  • How SSL-Encrypted Web Connections are Intercepted

    In this expert e-guide, uncover 4 key strategies for defending against illegal TLS/SSL-encrypted Web connection interception. Learn how these cyber-attacks work, the challenges of digital certificates, SSL-interception tools, and more by reading on now.


  • Expert ways to maximize security in Exchange

    This expert e-guide provides tips for maximizing Exchange security, including how to leverage the enhanced capabilities in Forefront Protection 2010. In addition, it reviews the 6 most commonly overlooked Exchange security vulnerabilities.


  • 5 AI and ML myths debunked

    Read this white paper for an explanation of the key differences between weak and strong AI and a debunking of 5 common myths regarding AI and machine learning (ML).


  • How marketers can identify active demand within target accounts

    If you're a marketer focused on demand generation, ABM or other approaches, download this e-book to learn how to identify active demand available within your existing target accounts, evolve your lead and account qualification concepts, eliminate the legacy barriers causing marketing and sales disconnects and more.


  • Explore how financial institutions are responding to third-party risk

    Today's complex business world means that organizations need to work with third parties. While this is critical, the exchange of sensitive information creates a new set of security risks. In this research report, explore key findings from a survey aimed to assess how financial institutions are responding to third-party cyber-risk.


  • About to Buy Guide: Spam/virus protection for Exchange

    This expert e-guide explores the value of a comprehensive email security strategy, and compares the pros and cons of various approaches. Discover how you can gain the antispam and antivirus protection you need to keep email threats at bay and productivity high.


  • Exchange Server: E-mail Archiving and Security

    Review today's best (and worst) practices for email archiving inside this Exchange e-guide. Gain expert tips and tricks for managing and monitoring your Exchange servers along with six commonly overlooked security vulnerabilities to look out for.


  • The future of digital forensics

    This article in our Royal Holloway Information Security series looks at the challenges investigators face when tackling the complexities of full disk encryption.


  • Jargon buster guide to GDPR

    In this guide, we provide the 10 most important things you need to know about GDPR, and a jargon-buster explanation for some of the key terminology.


  • Exchange Insider E-Zine Vol. 14: Securing Mobile Devices and Exchange

    This essential e-zine reviews key BYOD concerns and considerations for Exchange admins, and offers tips for addressing the technical logistics of delivering secure email access to mobile devices. Learn how to leverage PowerShell scripts, ActiveSync data, and more.


  • Four Secrets to a Successful Office 365 Deployment

    Download this white paper to learn 4 ways to help ensure a successful Office 365 deployment with Zscaler.


  • Fair exchange protocols with anonymity and non-repudiation for payments

    This article in our Royal Holloway Information Security series looks in detail at two key principles necessary for secure payments: fair exchange and non-repudiation.


  • Learn why the 4 A's in this analytics solution could change the way you do business

    Watch this announcement webinar to learn the potential of NLP search, automated and real-time data flows, and AI-powered insight technologies combined for analytics, and why TIBCO Spotfire X could be a strong asset in your business.


  • 3 key considerations when choosing an email content security provider

    Email is a critical business function deeply embedded in business processes. Its ubiquity makes email a platform for credential phishing attempts, malware, spam, and business email compromise. This research report suggests 3 key considerations to look for when choosing an email content security provider.


  • CW+: Bloor Research - EU Compliance and Regulations for the IT Professional

    This paper highlights key directives and legislation within the European Union that have an impact on IT security practitioners, especially those responsible for the safe storage of data using data loss prevention technologies.


  • Mac OS X persistent evidences for forensic purposes

    This article in our Royal Holloway Information Security Thesis Series provides a technical explanation of how Mac OS X persistence evidences can be extracted for forensic investigation.


  • Exploring cloud Security as a Service options

    There are a number of new cloud-based security products, to help mitigate today’s cloud computing risks. This tip examines Security-as-a-Service tools available and the key features that are most important in a cloud server security platform such as encryption, identity management, configuration and vulnerability management and more.


  • For crying out cloud, it's time to migrate your data

    For an in-depth explanation on data repository types and uses (partnered with an easy-to-read cheat sheet), take our brief customer interest survey to help us gauge current industry trends and to help us provide a better experience for our users, overall.


  • Machine learning: More than dropping data into an algorithm

    Machine learning is more than dropping large data sets into some predetermined algorithms. Fortunately, you don't need to figure it out on your own. Watch this explanation video from Estafet Consulting to learn how they can help you get going on machine learning driven insights.


  • How to boost customer experience in the digital age

    Read this white paper to discover how you can boost your customer experience in the digital age with technologies like AI and automation, and more.


  • Get started with blockchain

    Effective and cost-efficient blockchain implementation starts with understanding it does not function as a standalone environment. For a more detailed explanation, read this white paper.


  • CX case study: How inQuba delivered an enhanced customer experience

    In this case study, learn how inQuba America was able to use TIBCO to successfully exchange data with clients' core operational and financial systems, get an in-depth view of how customers interact with their business, and more.


  • The Top Cyber Security Trends in ANZ in 2017

    In this e-guide, read about Australia's plan for getting technology suppliers and service providers to decrypt encrypted messages, why threat intelligence is more than just ingesting data feeds into a security system and the risks that shadow IT can bring to organisations in Australia and New Zealand.


  • Encryption 101: An interactive guide for securing your data

    In this guide, you'll learn the basics of encryption, the prerequisites of data confidentiality, key management, and data encryption in the top tier public clouds. Discover how this can enhance your intelligent data encryption strategy at your organization, today.


  • CW+: KPMG: Dynamic technologies for smarter government

    The demands being placed on government in the 21st century are being driven by forces of change that are in many cases beyond its control.


  • 7 best practices for mobile business intelligence

    Mobile business intelligence (BI) is about putting data and analytics wherever work is being done. Read this white paper for 7 best practices for mobile BI.


  • The top 10 ransomware attacks from last year

    Discover the top 10 ransomware attacks of 2017 in Versa Network's Threat Research Lab report. This report analyzes the ransomware lifecycle and takes a look at the attacks that negatively impacted businesses worldwide.