= edx: ECDH key exchange using ECDH derived keys

https://crates.io/crates/edx[image:https://img.shields.io/crates/v/edx?style=for-the-badge&logo=rust[crates.io]]
https://docs.rs/edx[image:https://img.shields.io/docsrs/edx?style=for-the-badge[docs.rs]]

This is a toy project; it has NOT been subject to any cryptographic analysis or audit.
DO NOT USE IT IN ACTUAL COMMUNICATIONS YET!

== What

Derive keys from Ed25519 keys and use these derived keys for ECDH key exchange.

See https://docs.rs/edx[docs] and an link:./examples/simple.rs[example] for its usage, and its link:./edx.en.adoc[specification].

Currently only key types from https://crates.io/crates/ed25519-dalek[ed25519-dalek] are supported.
More could be added.

== Why

Before Alice and Bob can begin encrypted communication, they must exchange encryption keys.
They could do it in advance, giving each other a pre-generated key; or they could do it "just in time", just before the message(s) to be encrypted.
Traditionally, non-interactive communications go with the former, and interactive ones go with the latter.

Interactive cases can get away with that; Alice and Bob are going to talk for many rounds, so one more round beforehand doesn't matter.
Non-interactive cases, on the other hand, are burdened by the pre-generated keys: there is one more key to manage (in addition to the signing key), which has to be signed, so that's *three* pieces of data in *one* "key distribution"; and their static nature means all communications are encrypted with the same shared key, which is frowned upon.

We attempt to solve this problem by introducing derived, "ephemeral" keys: instead of being pre-generated, encryption keys are derived from the signing key "just in time".
There's only one key to distribute, and encryption keys are different every time.

== How

Details are laid out in the link:./edx.en.adoc[spec].
Basically, first derive Alice's secret key by adding the derive factor, as a clamped and reduced scalar, and derive Bob's public key by adding the corresponding point of that scalar; then it's just plain old ECDH.

== Acknowledgements

Thanks to the authors of the {curve25519,ed25519,x25519}-dalek crates, the first of which does all the heavy lifting.
Without them this project would not exist.
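The derivation described under "How", carried through in pure Python on the Ed25519 curve so that both sides can be checked to agree. This is an added example, not the crate's code or API. The helper names, the constructed seeds and the SHA-256 derive factors are assumptions for illustration; how edx builds the factor and whether it converts to X25519 is defined in the spec, not here.

```python
import hashlib

P = 2**255 - 19                                        # field prime
L = 2**252 + 27742317777372353535851937790883648493    # order of the base point
D = -121665 * pow(121666, -1, P) % P                   # Edwards constant d

def add(p1, p2):  # affine addition on -x^2 + y^2 = 1 + d*x^2*y^2
    (x1, y1), (x2, y2) = p1, p2
    k = D * x1 * x2 * y1 * y2 % P
    return ((x1 * y2 + x2 * y1) * pow(1 + k, -1, P) % P,
            (y1 * y2 + x1 * x2) * pow(1 - k, -1, P) % P)

def mul(k, pt):  # double-and-add; NOT constant time, illustration only
    acc = (0, 1)                                       # neutral element
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def base_point():
    """Ed25519 base point: y = 4/5, x recovered with even parity."""
    y = 4 * pow(5, -1, P) % P
    u = (y * y - 1) * pow(D * y * y + 1, -1, P) % P
    x = pow(u, (P + 3) // 8, P)
    if (x * x - u) % P:
        x = x * pow(2, (P - 1) // 4, P) % P
    return (x if x % 2 == 0 else P - x, y)

G = base_point()

def clamp_reduce(b32):  # X25519-style clamp of 32 bytes, then reduce mod L
    return (int.from_bytes(b32, "little") & ((1 << 254) - 8) | (1 << 254)) % L

def keypair(seed):
    """Ed25519-style secret scalar and public point from a seed."""
    s = clamp_reduce(hashlib.sha512(seed).digest()[:32])
    return s, mul(s, G)

def shared(my_secret, their_public, factor):
    """Derive my secret and their public key with one factor, then do ECDH."""
    t = clamp_reduce(factor)
    return mul((my_secret + t) % L, add(their_public, mul(t, G)))

# Constructed sample seeds and derive factors (assumed inputs, not from edx).
a, A = keypair(b"alice seed (constructed)")
b, B = keypair(b"bob seed (constructed)")
f1, f2 = (hashlib.sha256(m).digest() for m in (b"message 1", b"message 2"))
```

Alice computes `shared(a, B, f1)` and Bob computes `shared(b, A, f1)`; both equal (a+t)(b+t)·G, and a different factor gives a different shared point from the same long-term keys.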