Use existing PGP (or other) public keys to generate DHE shared key?

Question

Use existing PGP (or other) public keys to generate DHE shared key?

Closed this issue 7 years ago · 2 comments

I'm a newbie in all this so...

Is it a function of DH (conceptual) or implementation option to generate the resulting shared key from two (or more) existing public keys?

I can work with pyDHE if not but wanted to test the waters first.

Answer 1 · 2018-06-07T19:22:31.000Z

you absolutely could generate a shared key using existing keypairs, but there are two problems with that:

this is possibly not Diffie Hellman. You are simply generating a secret, symmetrical key and using RSA to transfer it. While this is not uncommon, it does not involve DHE and will not be supported by this library; or
Using two static private keys (Diffie Hellman specific - not PGP, RSA, or other) would always result in the same shared secret. This is not Ephemeral (the E in DHE) and does not provide forward secrecy.

In summary, What you are referring to is likely the first case, does not involve DHE, and thus you do not need this library. The second could be supported, but likely wont due to limited use case and reduced forward secrecy.

Answer 2 · 2018-06-08T08:13:57.000Z

Thanks for the quick reply!