6.10 BECAUSE YOU LOVE TORTURE

EXERCISE 6.10: BECAUSE YOU LOVE TORTURE

To emphasize that RSA technically could be used as an ephemeral exchange mechanism, modify your preceding ECDH program to generate an ephemeral set of RSA keys. Exchange the associate public keys and use each public key to send 32 bytes of random data to the other party. Combine both 32-byte trasmissions with XOR to create a “shared key” and run it through HKDF just as the ECDH example does. Once you’ve proved to yourself that this works, review your results from Exercise 6.2 to see why this is too slow to be practical.

Also, creating a shared key with RSA encryption requires a round trip to create the key (transmission of certificate and reception of encrypted key), whereas DH and ECDH only require one transmission from each party to the other. When we learn about TLS 1.3, for example, you’ll see how this can greatly impact performance.

---