Key Exchange
ECDH, X25519, X448 and other key exchange algorithms
Key exchange is a cryptographic protocol that allows two parties to agree on a common secret key and use it to establish a secure communication channel. As a simple analogy, think of two people creating a common key for a secure box: they arrive at the same key through mathematical operations without ever sending the key to each other, so an attacker who intercepts the exchange cannot see the key. Key exchange is the foundation of many secure communication protocols such as HTTPS, VPN, and secure messaging.
Use Cases
- HTTPS/TLS connections
- VPN protocols
- Secure messaging
- SSH connections
- Cryptocurrency transactions
- Secure file sharing
- Secure key sharing
- Forward secrecy
- High performance
- Asymmetric cryptography-based protocol
- Modern cryptography
| Algorithm | Security | Speed | Use Cases |
|---|---|---|---|
| ECDH (NIST P-256/384) | Very High | Fast | Modern web applications; P-256: High-performance systems; P-384: Non-performance-critical, high-security applications |
| X25519 | Very High | Very Fast | Montgomery curves, modern choice; High-performance applications; Modern security protocols |
| X448 | Very High | Fast | Montgomery curves, modern choice; High-security applications; Slower than X25519 but higher security |
* Comparisons are relative to reference/hardware acceleration on 64-bit CPU
ECDH (Elliptic Curve)
Modern and efficient key exchange using elliptic curve cryptography. Uses NIST P-256/384 curves.
X25519/X448 (Montgomery Curves)
Modern key exchange using Montgomery curves. Modern choice, high performance.
- RFC 7748
- NIST SP 800-56A
- ISO/IEC 11770-3