-1

What the benefit of the shared key that generated from ECDH key exchange protocol? Can I use it to encrypt the message or encrypt the public key of asymmetric encryption?

Ievgeni
  • 2,585
  • 1
  • 10
  • 32
amal albilali
  • 1

1 Answers1

0

In principle your could use the derived secret for encryption. But this has several disadvantages. It may leak information about the involved keys and is vulnerable by man-in-the-middle attacks.

A common scheme is to use the derived shared secret to seed a key derivation function to derive stronger keys and get better security properties (forward secrecy, ...)

gmoktop
  • 236
  • 1
  • 1
  • 1
    How does the use of a key derivation function protect you from man-in-the-middle attacks? If you bring MITM up, you might want to mention how to defend against it... – poncho Jun 14 '22 at 18:21