A prime modulus ensures the multiplicative group has the right structure for modular exponentiation to behave securely. Without primality, the discrete-logarithm problem becomes much easier to solve.

What is a generator g?

A generator (primitive root mod p) is an integer whose successive powers produce every non-zero integer from 1 to p-1 before cycling. g=2 or g=5 work for many small primes. This tool validates that g is indeed a primitive root for the chosen p.

Is Diffie-Hellman still safe?

Classical DH with 2048-bit or larger primes is still considered safe against classical computers. However, small primes (like those used in this explainer) are trivially breakable by brute force, which is why real systems use much larger numbers.

What is the discrete logarithm problem?

Given g, p, and the public key A = g^a mod p, finding the private key a is called solving the discrete logarithm. For large primes this is computationally infeasible with classical hardware, which is what makes DH secure.

How does this differ from RSA?

DH is a key-agreement protocol — both parties derive the same secret without one party choosing it. RSA is typically used for key encapsulation or signatures, where one party encrypts data with a public key that only the private-key holder can decrypt.

Why do both sides get the same shared secret?

Because (g^a)^b mod p = g^(ab) mod p = (g^b)^a mod p. Exponents commute under modular arithmetic, so Alice computing B^a mod p and Bob computing A^b mod p both yield g^(ab) mod p.

Diffie-Hellman Key Exchange Explainer

Name: Diffie-Hellman Key Exchange Explainer
Availability: InStock
Author: Nham Vu

Enter prime p, generator g, and two private keys to see every step of Diffie-Hellman key exchange, including public keys and the derived shared secret.

Parameters

Prime p

Must be prime. Try 23, 47, 97, 257.

Generator g

Primitive root mod p. Try 5 for p=23.

Private Keys

A Alice's private key a

B Bob's private key b

Quick Presets

Set parameters on the left and click Compute Key Exchange

1 Agree on public parameters Shared openly

Alice and Bob publicly agree on a prime p and a generator g. Anyone can see these — they are not secret.

Prime p

—

Generator g

—

2 Choose private keys Never shared

Each party picks a secret integer. These values never leave their owner — not even the other party sees them.

Alice's private key a

—

Bob's private key b

—

3 Compute and exchange public keys Sent over network

Each party raises g to their private key mod p. The result is their public key, safe to transmit openly.

A Alice computes her public key A

—

B Bob computes his public key B

—

Alice's public key A

—

Bob's public key B

—

4 Derive the shared secret Computed independently

Each party raises the other's public key to their own private key mod p. Due to the commutativity of exponents, both sides arrive at the same number.

A Alice computes shared secret

—

B Bob computes shared secret

—

Shared Secret (both sides agree)

—

Match confirmed

g^ab mod p = — and also —

Security note for small primes

Real-world DH uses primes of 2048 bits or larger. Small values like these are trivially breakable by brute-forcing the discrete logarithm — use them only for learning.

Summary