
Allied Telesis AT-S62 User Manual

Chapter 31: Encryption Keys

Section VII: Management Security

The security of the Diffie-Hellman algorithm depends on these values.
Public key values less than 768 bits in length are considered to be
insecure.

A Diffie-Hellman exchange starts with both parties generating a large
random number. These values are kept secret, while the result of a public
key operation on the random number is transmitted to the other party. A
second public key operation, this time using the random number and the
exchanged value, results in the shared secret. As long as no other party
knows either of the random values, the secret is safe.
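
The exchange described above, as an added example that is not taken from the manual or from the AT-S62 software. It assumes the 768-bit MODP group from RFC 2409 (Oakley Group 1, generator 2), chosen to match the 768-bit floor stated in the text; the function names are hypothetical.

```python
import secrets

# Assumption: 768-bit MODP group (Oakley Group 1, RFC 2409), generator 2.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
    "E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF",
    16,
)
G = 2
MIN_BITS = 768  # the text treats anything shorter as insecure


def keypair(p=P, g=G):
    """Generate a large random secret and the public value sent to the peer."""
    if p.bit_length() < MIN_BITS:
        raise ValueError("modulus shorter than %d bits" % MIN_BITS)
    secret = secrets.randbelow(p - 3) + 2   # uniform in [2, p-2], never sent
    public = pow(g, secret, p)              # first public key operation
    return secret, public


def shared_secret(own_secret, peer_public, p=P):
    """Second public key operation: combine own secret with the peer's value."""
    # Reject 0, 1, p-1 and out-of-range values: they force a predictable
    # result regardless of how good the local random secret is.
    if not 2 <= peer_public <= p - 2:
        raise ValueError("peer public value out of range")
    return pow(peer_public, own_secret, p)


def exchange():
    """Run both sides of the exchange and return the two derived secrets."""
    a_secret, a_public = keypair()          # party A
    b_secret, b_public = keypair()          # party B
    # Only a_public and b_public cross the wire.
    return shared_secret(a_secret, b_public), shared_secret(b_secret, a_public)


if __name__ == "__main__":
    k_a, k_b = exchange()
    print("secrets match:", k_a == k_b)
```
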