At the core of Diffie-Hellman is the discrete logarithm problem, which makes it computationally difficult for attackers to intercept and decode the shared secret key exchanged between two parties.

Unlike RSA, Diffie-Hellman can be used with TLS’s ephemeral modes, which provide forward secrecy — a property that prevents the decryption of previously captured traffic if the key is cracked ...

How keys are distributed is vital to any encryption system. Find out how to do it with the Diffie–Hellman key exchange and using public-key cryptography.

The answer is an implementation weakness in Diffie-Hellman key exchanges, specifically in the massive and publicly available prime numbers used as input to compute the encryption key.

As Whitfield Diffie (half of the pair who brought us the Diffie-Hellman Protocol for encryption key exchange) put it in 1993 when warning against implementing key escrow and the "Clipper Chip": ...

According to the researchers, all servers that use the Diffie-Hellman key exchange in setting up TLS connections are vulnerable to attacks. This is a server-side attack and cannot be performed on ...

That means a quantum computer could derive an RSA private key from the public key, or compute the secret in an elliptic-curve Diffie-Hellman key exchange, in a matter of hours or days.

In Diffie-Hellman, endpoints that want to create an encryption key in order to secure connections between them first exchange keying information that includes large prime numbers.

And, although Diffie and Hellman were the first to tell the world how public key cryptography could work, they weren't actually the first to figure it out.

By making the encryption key public, Diffie and Hellman made it possible for two parties to secretly share information without ever having to meet.