Variants of Diffie-Hellman
There are three main variants of Diffie-Hellman in SSL/TLS.
- Anonymous mode
  - Anonymous Diffie-Hellman (the DH_anon cipher suites in TLS) exchanges DH public values without authenticating them, so an active attacker can substitute its own values and complete a separate exchange with each side. It is vulnerable to man-in-the-middle attacks and should not be used.
- Static mode
  - Static Diffie-Hellman reuses at least one of the two DH private keys unchanged across all connections. If both DH private keys are reused, the term is "static-static"; if only one side reuses its key, the term is "ephemeral-static". A server may keep one static DH private key for performance reasons, since it saves one exponentiation per connection, but whichever side reuses a key gives up forward secrecy for it: if that key is later compromised, every recorded session negotiated with it can be decrypted. A side that reuses a key must also validate every peer public value it receives, because each accepted invalid value can leak information about the long-lived secret. TLS 1.3 removed the static DH cipher suites entirely.
- Ephemeral mode
  - Ephemeral Diffie-Hellman generates a new temporary DH private key for every connection and discards it afterwards, which gives perfect forward secrecy (PFS): a later compromise of a party's long-term keys does not expose past sessions. When both sides always create new DH private keys for each connection, this is called "ephemeral-ephemeral" (the DHE and ECDHE cipher suites in TLS).
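The three modes above differ only in which private keys persist and whether the public values are authenticated. The following added example (not code from the original page, and not a TLS implementation) runs each mode over the 2048-bit MODP group 14 from RFC 3526 with plain Python integers: an ephemeral-ephemeral handshake that leaves nothing but public values behind, an ephemeral-static server whose later key compromise re-derives every recorded session key from the transcripts, and an anonymous exchange in which an attacker substitutes its own public value and ends up sharing a key with both ends. The `gen_keypair`, `derive_key`, `ephemeral_handshake`, `static_server_handshakes`, `recover_after_compromise` and `anonymous_mitm` helpers are invented for this demo, and the session-key derivation (SHA-256 of the shared secret) is a stand-in for TLS's real key schedule.

```python
"""Diffie-Hellman modes in a TLS-style handshake: ephemeral, static, anonymous.

Added illustration, not code from the original page.  Uses the 2048-bit MODP
group 14 from RFC 3526 (generator 2); the handshake helpers below are invented
for the demo and are not a real TLS stack.
"""
import hashlib
import secrets

# RFC 3526 group 14 prime p (2048-bit safe prime, p = 2q + 1), generator g = 2.
P_HEX = (
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05"
    "98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB"
    "9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
    "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718"
    "3995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF"
)
P = int(P_HEX, 16)
Q = (P - 1) // 2          # order of the subgroup generated by g
G = 2


def gen_keypair():
    """Fresh DH key pair: private exponent x and public value g^x mod p."""
    x = secrets.randbelow(Q - 2) + 2          # 2 <= x < q
    return x, pow(G, x, P)


def validate_public(y):
    """Reject out-of-range values and the order-2 subgroup {1, p-1}.

    With a safe prime this is the whole small-subgroup check.  It matters most
    when a private key is reused (static mode): each accepted invalid peer
    value could otherwise leak a little about the long-lived key.
    """
    if not 2 <= y <= P - 2 or pow(y, Q, P) != 1:
        raise ValueError("invalid DH public value")
    return y


def derive_key(priv, peer_pub):
    """Session key = SHA-256(g^(xy) mod p); stand-in for the TLS key schedule."""
    validate_public(peer_pub)
    shared = pow(peer_pub, priv, P)
    return hashlib.sha256(shared.to_bytes(256, "big")).hexdigest()


def ephemeral_handshake():
    """Ephemeral-ephemeral: both sides draw fresh keys and then discard them."""
    c_priv, c_pub = gen_keypair()
    s_priv, s_pub = gen_keypair()
    c_key = derive_key(c_priv, s_pub)
    s_key = derive_key(s_priv, c_pub)
    del c_priv, s_priv                        # nothing secret survives the handshake
    transcript = (c_pub, s_pub)               # all a passive eavesdropper records
    return c_key, s_key, transcript


def static_server_handshakes(server_priv, server_pub, n):
    """Ephemeral-static: n clients talk to a server that reuses one DH key."""
    transcripts, keys = [], []
    for _ in range(n):
        c_priv, c_pub = gen_keypair()
        c_key = derive_key(c_priv, server_pub)
        s_key = derive_key(server_priv, c_pub)
        assert c_key == s_key
        transcripts.append((c_pub, server_pub))
        keys.append(c_key)
    return transcripts, keys


def recover_after_compromise(server_priv, transcripts):
    """An attacker who later obtains the static key re-derives every recorded
    session key from the public transcripts alone: no forward secrecy."""
    return [derive_key(server_priv, c_pub) for c_pub, _ in transcripts]


def anonymous_mitm():
    """Anonymous DH: the attacker swaps in its own public value on both legs.

    Each honest side completes a correct-looking handshake, but both actually
    share a key with the attacker, who can decrypt and re-encrypt in the middle.
    """
    c_priv, c_pub = gen_keypair()
    s_priv, s_pub = gen_keypair()
    m_priv, m_pub = gen_keypair()             # attacker's key pair
    c_key = derive_key(c_priv, m_pub)         # client thinks m_pub is the server's
    s_key = derive_key(s_priv, m_pub)         # server thinks m_pub is the client's
    return {
        "client": c_key,
        "server": s_key,
        "attacker_with_client": derive_key(m_priv, c_pub),
        "attacker_with_server": derive_key(m_priv, s_pub),
    }


if __name__ == "__main__":
    c, s, _ = ephemeral_handshake()
    print("ephemeral-ephemeral: keys agree:", c == s)
    priv, pub = gen_keypair()
    tr, keys = static_server_handshakes(priv, pub, 3)
    print("ephemeral-static, key leaked later: sessions recovered:",
          recover_after_compromise(priv, tr) == keys)
    r = anonymous_mitm()
    print("anonymous: endpoints agree:", r["client"] == r["server"],
          "| attacker shares a key with both:",
          r["client"] == r["attacker_with_client"]
          and r["server"] == r["attacker_with_server"])
```

In ephemeral mode the only thing `recover_after_compromise` could be fed is the transcript of public values, which is useless without a private exponent; in static mode the one long-lived exponent unlocks every past session at once. The anonymous case shows why authentication, not secrecy of the exchange, is what stops the man in the middle: each leg is a perfectly valid DH exchange, just with the wrong partner.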