Elliptic Curve Diffie Hellman (ECDH)

What is Elliptic Curve Diffie Hellman (ECDH)?

Elliptic Curve Diffie Hellman (ECDH) is a method two parties use to agree on the same secret key by talking in public. No secret ever leaves either side, yet both end up with matching keys. Think of it like two baristas mixing different syrups that magically yield the same flavor, while everyone else only sees the cups.

How Elliptic Curve Diffie Hellman (ECDH) works

Quick walkthrough: imagine your wallet app pairing with a new device. They speak in public, but whisper in math.

1. Start: Each side creates a random private key and keeps it secret, then prepares a matching public point. This pair is part of the broader idea of cryptographic keys.
2. Share: They exchange public points over any channel people can see, even a noisy chat.
3. Mix: Each party combines their private secret with the other side’s public point to arrive at the same shared point.
4. Derive: They run that shared point through a key derivation function to get a fresh symmetric key.
5. Use: That symmetric key handles encryption and message checks for the session. ECDH simply set the table.

That’s the whole move. Quiet math, loud results.

Why Elliptic Curve Diffie Hellman (ECDH) Matters

Here’s the payoff, without fluff:

• Benefit: Smaller keys and quick handshakes save bandwidth, battery, and time, which your phone and your fees will appreciate.
• Perspective: Its security rests on the hardness of the Elliptic Curve Discrete Logarithm Problem (ECDLP), which current computers struggle to reverse.
• Relevance: You’ll meet it in wallet pairing, P2P messaging, Lightning node handshakes, and the crypto parts of TLS.

Key Characteristics of Elliptic Curve Diffie Hellman (ECDH)

What makes it stand out:

• Compact: Strong security with shorter keys than legacy schemes like RSA.
• Quick: Fast to compute, good for mobile and high traffic systems.
• Secret: The shared key never crosses the wire, only public points do.
• Forward: With fresh ephemeral keys, yesterday’s messages stay safe even if a device is compromised later.

Variations

Different flavors fit different threat models:

• Static: Long lived keys keep sessions consistent, but offer less privacy.
• Ephemeral: Fresh keys per session deliver forward secrecy as the default.
• Hybrid: One side static, one side ephemeral balances identity and privacy.

Example

When two Lightning nodes connect, they run Elliptic Curve Diffie Hellman (ECDH) to spin up a shared session key, and a wallet may use the Elliptic Curve Integrated Encryption Scheme (ECIES) to send an encrypted device pairing request afterward.

Fun Fact

Elliptic curve crypto was proposed in the mid eighties by Koblitz and Miller, long after the original Diffie and Hellman idea, and it took off because you get similar security with much shorter keys. Less math on your phone, more battery for everything else.

Wrap Up

Short take: ECDH lets two parties agree on a secret key in public, then use it for private chat or payments, no drama.