4.2.1 ECDH Command
The ECDH command is used to generate a shared secret between two devices.
By passing an ECC public key from another device and combining it with the
ECC private key stored in a slot, or with an ephemeral key stored in TempKey,
and doing the reverse on the other device, both devices will generate the
same shared pre-master secret. This can then be further combined with other
common data on both sides to generate a shared session key between the
devices. The KDF command is often used with TLS sessions to further
diversify the shared secret.