One disadvantage of the DH algorithm is that it provides no information about the identity of either party. It is computationally intensive and therefore vulnerable to clogging attacks, in which an opponent requests a large number of keys: the victim spends a lot of computing resources on useless modular exponentiations instead of doing real work. It also has no way to prevent replay attacks.
It is vulnerable to man-in-the-middle attacks: a third party C impersonates B when communicating with A, and impersonates A when communicating with B. A and B each negotiate a key with C, and C can then monitor and relay the traffic.
Extended data:
Based on the definition and properties of primitive roots, the Diffie-Hellman key exchange algorithm can be defined. The algorithm is described as follows:
1. There are two global public parameters: a prime number q and an integer a, where a is a primitive root of q.
2. Suppose users A and B want to exchange a key, and user A chooses a random number XA (XA
3. User A computes the shared key as $K = (Y_B)^{X_A} \bmod q$. Similarly, user B computes the shared key as $K = (Y_A)^{X_B} \bmod q$. These two calculations produce the same result:
$$K = (Y_B)^{X_A} \bmod q = (a^{X_B} \bmod q)^{X_A} \bmod q = (a^{X_B})^{X_A} \bmod q = a^{X_B X_A} \bmod q = (a^{X_A})^{X_B} \bmod q = (a^{X_A} \bmod q)^{X_B} \bmod q = (Y_A)^{X_B} \bmod q$$
Therefore, both parties have in effect exchanged the same key.
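The derivation above and the man-in-the-middle weakness described earlier, worked through as an added example (not part of the original page). The parameters q = 353 and a = 3 are constructed toy values, the private-key range and all function names are assumptions, and the sizes are far too small for real use.

```python
import secrets

Q = 353  # constructed small prime q (toy size)
A = 3    # constructed primitive root a of q


def is_primitive_root(a, q, prime_factors):
    """For prime q, a is a primitive root iff a^((q-1)/p) mod q != 1
    for every prime factor p of q-1 (supplied by the caller)."""
    return all(pow(a, (q - 1) // p, q) != 1 for p in prime_factors)


def keypair(q=Q, a=A):
    """Return (X, Y) with private X in [1, q-2] (assumed range) and Y = a^X mod q."""
    x = secrets.randbelow(q - 2) + 1
    return x, pow(a, x, q)


def shared_key(peer_public, own_private, q=Q):
    """K = (peer's Y)^(own X) mod q."""
    return pow(peer_public, own_private, q)


def honest_exchange():
    """A and B receive each other's real public values."""
    xa, ya = keypair()
    xb, yb = keypair()
    return shared_key(yb, xa), shared_key(ya, xb)


def intercepted_exchange():
    """C swaps its own public value YC for YA and YB in transit.
    Nothing in plain DH lets A or B notice the substitution."""
    xa, ya = keypair()
    xb, yb = keypair()
    xc, yc = keypair()
    k_a = shared_key(yc, xa)          # A believes YC is YB
    k_b = shared_key(yc, xb)          # B believes YC is YA
    k_c_with_a = shared_key(ya, xc)   # C derives A's key
    k_c_with_b = shared_key(yb, xc)   # C derives B's key
    return k_a, k_b, k_c_with_a, k_c_with_b


if __name__ == "__main__":
    print("3 is a primitive root of 353:", is_primitive_root(A, Q, [2, 11]))
    print("honest keys (A, B):", honest_exchange())
    print("intercepted keys (A, B, C-with-A, C-with-B):", intercepted_exchange())
```

Because the exchanged values carry no identity, each side ends up sharing a key with C rather than with its intended peer; protocols built on DH therefore authenticate the public values, for example with signatures.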
Baidu Encyclopedia - Diffie-Hellman