The ElGamal encryption system, introduced by Taher Elgamal in 1985, is a public-key cryptosystem built upon the principles of the Diffie–Hellman key exchange. It operates by first establishing a shared secret, then using this secret to encrypt messages, similar to a one-time pad. The security of ElGamal relies on the computational difficulty of the Decisional Diffie Hellman Problem.

The process involves three main phases: a user (Alice) generates a public and private key pair, another user (Bob) encrypts a message using Alice's public key, and Alice then decrypts it using her private key. Crucially, a new ephemeral key and shared secret are generated for each message to ensure strong security. ElGamal encryption is widely implemented in software such as GNU Privacy Guard (GnuPG) and PGP, and its signature scheme variant forms the basis of the Digital Signature Algorithm (DSA).