|WikiProject Cryptography / Computer science||(Rated Start-class, Mid-importance)|
ECDH and Protocol Security
The article states, "The protocol is secure because nothing is disclosed..." Unfortunately, nothing is authenticated, so its only secure against eavesdroppers (passive attackers). It will fail against active attackers (ie, Man in the Middle (MitM)). — Preceding unsigned comment added by Noloader (talk • contribs) 22:00, 16 January 2012 (UTC)
Needs section on vulnerabilities
Isn't this an encryption used by Tor? If so, it seems like this merits a much more detailed article.
Also, is it vulnerable to the attacks described on the elliptic curve article, or to other ones?
What is being done with Tor to mitigate the risks of having "magic constants" and recommended pseudo-random number generators supplied by US government agencies?
Link  is broken
Value of dG
The text says that, "Q = dG, that is, the result of adding G together d times)."
I'm not a cryptographer, but isn't dG the result of adding G together d-1 times? I mean, 2G = G + G, which is adding G together once. Or would it be better to say, "that is, the result of adding d copies of G together"? — Preceding unsigned comment added by 220.127.116.11 (talk) 18:44, 6 October 2014 (UTC)
In the section "Key establishment protocol" a paragraph ends with:
"Each party must have the other party's public key (an exchange must occur)."
It is unclear whether this is a pre-condition or the goal. In order words the article does not clearly identify whether the goal of this process is to exchange these public keys or whether the parties must already have each other's keys in order to engage in the exchange.
- Please add a cryptographic explanation as in Diffie–Hellman_key_exchange#Cryptographic_explanation. 18.104.22.168 (talk) 08:31, 19 November 2017 (UTC)