
To my understanding, the DHKE algorithm is symmetric since it only produces a shared secret, rather than public and private keys; however, googling "is diffie hellman asymmetric?" results in the following:

Based on public key cryptography, the D-H algorithm is a method for securely exchanging a shared key between two parties over an untrusted network. It is an asymmetric cipher used by several protocols including SSL, SSH, and IPSec.

Wikipedia is particularly confusing. I've highlighted key phrases (no pun intended) as to why...

DH is one of the earliest practical examples of public key exchange implemented within the field of cryptography. Published in 1976 by Diffie and Hellman, this is the earliest publicly known work that proposed the idea of a private key and a corresponding public key.

The Diffie–Hellman key exchange method allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure channel. This key can then be used to encrypt subsequent communications using a symmetric-key cipher.

It is also possible to use Diffie–Hellman as part of a public key infrastructure, allowing Bob to encrypt a message so that only Alice will be able to decrypt it, with no prior communication between them other than Bob having trusted knowledge of Alice's public key. Alice's public key is $(g^a \bmod p,\ g,\ p)$. To send her a message, Bob chooses a random $b$ and then sends Alice $g^b \bmod p$ (unencrypted) together with the message encrypted with symmetric key $(g^a)^b \bmod p$. Only Alice can determine the symmetric key and hence decrypt the message because only she has $a$ (the private key). A pre-shared public key also prevents man-in-the-middle attacks.

In practice, Diffie–Hellman is not used in this way, with RSA being the dominant public key algorithm. This is largely for historical and commercial reasons, namely that RSA Security created a certificate authority for key signing that became Verisign. Diffie–Hellman, as elaborated above, cannot directly be used to sign certificates. However, the ElGamal and DSA signature algorithms are mathematically related to it, as well as MQV, STS and the IKE component of the IPsec protocol suite for securing Internet Protocol communications.

There's a lot in there relating to Public/Private vs. Secret key, and Asymmetric vs. Symmetric, so I'm looking for some definitive information as to exactly what DHKE is.

Thank you.

Matthew Layton

1 Answer


The Diffie-Hellman key exchange is an asymmetric algorithm that is used to establish a symmetric key.

In general, asymmetric cryptography is when the communicators have access to different secret information, and symmetric cryptography is when they have access to identical secret information. Symmetric cryptography is a less stringent model and so is typically more efficient. Asymmetric cryptography is primarily used to establish shared secrets so that subsequent communications can use the more efficient methods of symmetric cryptography.

In the Diffie-Hellman exchange, users create their individual private secrets $a$ and $b$, and hence this is an asymmetric method. The public values $g^a$ and $g^b$ are then transmitted and are available to all. The shared secret value $g^{ab}$ is only supposed to be computable by the initial individuals. Once this shared key is established between the communicators, it can be used symmetrically between the two users.

Daniel S
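The two halves the answer describes, as an added example that is not part of the original question or answer: the asymmetric step (each side holds a different private exponent and publishes only $g^x \bmod p$), then the symmetric step (both sides hash the identical group element $g^{ab}$ into one key). It uses the 2048-bit MODP group from RFC 3526 (group 14, generator 2) and an HKDF-SHA256 step from RFC 5869; the function names, the `info` label and the "Eve" computation are this example's own. Python standard library only; the arithmetic is not constant-time, so treat it as a study aid rather than production code.

```python
"""Diffie-Hellman: an asymmetric agreement that yields a symmetric key.

Added example (not from the original post). Group: RFC 3526 group 14,
g = 2. Key derivation: HKDF-SHA256 (RFC 5869). Stdlib only; not
constant-time, for study rather than production use.
"""
import hashlib
import hmac
import secrets

# RFC 3526, "2048-bit MODP Group" (id 14), p = 2^2048 - 2^1984 - 1 + 2^64 * { [2^1918 pi] + 124476 }
P_HEX = (
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05"
    "98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB"
    "9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
    "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718"
    "3995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF"
)
P = int(P_HEX, 16)
G = 2
Q = (P - 1) // 2  # p is a safe prime, so g = 2 generates the subgroup of prime order q


def generate_keypair():
    """Asymmetric part: a private exponent known to one party only, plus g^x mod p."""
    x = secrets.randbelow(Q - 2) + 2          # private value in [2, q-1]
    return x, pow(G, x, P)                    # (private, public)


def validate_public(y):
    """Reject 0, 1, p-1 and anything outside the order-q subgroup (small-subgroup check)."""
    return 1 < y < P - 1 and pow(y, Q, P) == 1


def shared_secret(my_private, their_public):
    """g^(ab) mod p, computed as (g^b)^a by Alice and (g^a)^b by Bob."""
    if not validate_public(their_public):
        raise ValueError("invalid peer public value")
    return pow(their_public, my_private, P)


def hkdf_sha256(ikm, salt=b"", info=b"", length=32):
    """RFC 5869 extract-then-expand; an empty salt means HashLen zero bytes."""
    prk = hmac.new(salt or bytes(32), ikm, hashlib.sha256).digest()
    okm, t, counter = b"", b"", 1
    while len(okm) < length:
        t = hmac.new(prk, t + info + bytes([counter]), hashlib.sha256).digest()
        okm += t
        counter += 1
    return okm[:length]


def derive_key(secret_int, info=b"dh example"):
    """Symmetric part: the identical group element becomes the identical 256-bit key."""
    ikm = secret_int.to_bytes((P.bit_length() + 7) // 8, "big")
    return hkdf_sha256(ikm, info=info)


def run_exchange():
    """One full exchange; returns (Alice's key, Bob's key, Eve's best guess from public data)."""
    a, A = generate_keypair()   # Alice keeps a, publishes A = g^a
    b, B = generate_keypair()   # Bob keeps b, publishes B = g^b
    # Only A and B cross the wire; Eve sees both but holds neither a nor b.
    k_alice = derive_key(shared_secret(a, B))
    k_bob = derive_key(shared_secret(b, A))
    # Combining the public values gives g^(a+b), not g^(ab): Eve does not get the key.
    eve_guess = derive_key((A * B) % P)
    return k_alice, k_bob, eve_guess


if __name__ == "__main__":
    k1, k2, eve = run_exchange()
    print("keys match:", k1 == k2, "| Eve matches:", eve == k1)
```

Everything before `derive_key` is the asymmetric model the answer describes (different secret information on each side); everything from `derive_key` on is the symmetric model (identical secret information). The `validate_public` check is what a practitioner would add before exponentiating with a private value: without it a peer can send an element of a tiny subgroup and force the shared secret into a handful of guessable values.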