On reusing ephemeral keys in Diffie-Hellman key agreement protocols

Alfred Menezes, Berkant Ustaoglu
2010 International Journal of Applied Cryptography  
A party may choose to reuse ephemeral public keys in a Diffie-Hellman key agreement protocol in order to reduce its computational workload or to mitigate against denial-of-service attacks. In this note we highlight the danger of reusing ephemeral keys if domain parameters are not appropriately selected or if public keys are not appropriately validated.
doi:10.1504/ijact.2010.038308 fatcat:xnd6475otbcktclo4o6i5noct4