Keys have lifetimes. After encrypting a certain number of bytes, keys should be replaced.
What if instead of encrypting large ammounts of our data with keys, we used a method similar to DHE?
- given symmetric key (or public key) k
- given message m
- generate a one-time symmetric key k2
encrypt(k1, k2) -> k2cencrypt(k2, m) -> mc- send
k2c || mc
given:
m := message
k := secret symmetric key
n := nonce()
c := encrypt2(k, n, m):
ns := [ H(n), H(H(n)), ... ]
k2 := keygen()
k2c := encrypt(k, ns[1], k2)
c := encrypt(k2, ns[2], m)
return ns[0] || k2c || c
given:
m := message
pk := public key
n := nonce()
c := encrypt2(pk, n, m):
ns := [ H(n), H(H(n)), ... ]
k2 := keygen()
k2c := encrypt(pk, ns[1], k2)
c := encrypt(k2, ns[2], m)
return ns[0] || k2c || c