• Purpose is to enable two users to securely exchange a key that can then be used for subsequent symmetric encryption of messages
• The algorithm is limited to the exchange of secret values
• Its effectiveness depends on the difficulty of computing discrete logarithms

• For this scheme, there are two publicly known numbers: a prime number q  and an integer a  that is a primitive root of q . 
• User A selects a random integer X_A < q and computes Y_A = a^XA mod q.
• Similarly, user B independently selects a random integer X_B < q and computes Y_B = a^XB mod q. 
• Each side keeps the X value private and makes the Y value available publicly to the other side. Thus, X_A is A’s private key and Y_A is A’s corresponding public key, and similarly for B. 

User A computes the key as K = (Y_B)^XA mod q    and user B computes the key as K = (Y_A)^XB mod q.

These two calculations of K can be shown to produce identical results:

K = (Y_B)^XA mod q   (this K is the secret key calculated by Alice, since XB is known only to Alice)

   = (a^XB mod q)^XA mod q

   = (a^XB)^XA mod q                 by the rules of modular arithmetic

   = a^XBXA mod q

   = (a^XA)^XB mod q

   = (a^XA mod q)^XB mod q

   = (Y_A)^XB mod q  (here K is secret key calculated by Bob, since XB is known only to Bob)