Exercise 11 - Q8

Question

What's the correct answer for "Briefly explain why the DH shares are sent with every message and not only in the first message after being generated."? For me, no grade points have been given; at least a comment on whats expected would have helped if the response was incorrect.

Answer 1

Hi,

You should have gotten some feedback.

However, we do not publish solutions for our exercises.
If you want, you can submit your solution here and we can explain what we feel is wrong or missing in your answer.

Cheers,
Sebastian

Comments

I didn't receive any comment. Sure, this is my writeup.
my username: mahesh

"If the DH key were sent only in the first message, then an attacker who intercepts and decrypts keys can also get hold of later messages and could compromise the long term security. If we don't send new keys they we either have to keep using the same keys or find a way to get new keys from the old, which isn't very effective, keeping security in mind. By sending a new DH share with each msg, the leak of one key doesn't compromise all messages, as each is unique and ensures post-compromise security. This prevents key reuse.

Unlike websites, the chat sessions can be valid for a long time, and the sharing of keys once in the first message isn't very ideal. Additionally, in a group chats like scenario, each participant must update their DH keys as and when the number of participants changes."

---

Hi,

Maybe I forgot to write a comment. Sorry about that.

This question is not about security.
Resending the **same** share does not provide the security benefits that you argue about.

Maybe as a hint:
Take a look at the ratchets.
Think about what would happen if the first message after each asymmetric step would be lost.

If you have any more questions, feel free to ask.

Cheers,
Sebastian