ECDH Command

The ECDH command is used to generate a shared secret between two devices. By passing an ECC public key from another device and combining with the ECC private key stored in a slot or with an ephemeral key stored in TempKey and doing the reverse on the other device, both devices will generate the same shared master secret. This can then be further combined with other common data in both sides to generate a shared session key between the devices. The KDF command is often used with TLS sessions to further diversify the shared secret.

Parent topic: Asymmetric Cryptography Commands