Which key exchange algorithm allows two parties to establish a shared secret key without pre-shared secrets?

The algorithm that facilitates two parties in establishing a shared secret key without the need for pre-shared secrets is Diffie-Hellman (DH). This key exchange method operates by allowing each party to generate a public and private key pair. The core principle lies in the fact that they can exchange their public keys openly, while the actual shared secret key is derived independently by each party using their own private key combined with the other party's public key. This process ensures that even though the public keys are exchanged over potentially insecure channels, the shared secret derived from them remains confidential and secure.

Diffie-Hellman fundamentally relies on the mathematical difficulty of the discrete logarithm problem, making it a robust choice for establishing sessions without the necessity of prior knowledge or sharing of secret keys. This ability to generate a shared secret dynamically is a significant advantage in secure communications and is foundational for many modern cryptographic protocols.

While other options like RSA can be used for key exchange, they generally involve encrypting a session key with a public key, which does not fit the criteria of sharing a secret without pre-existing shared secrets in the same intuitive manner as Diffie-Hellman does. ECDH extends the principles of Diffie-Hellman to elliptic curves,