26Oca
Why do you need random number for ECDH shared key computation
Let's assume that authentication with certificates has been well performed, next step is to generate short-term private&public ECC keys for ECDH shared key computation.
Alice: Generates keyA with RNG and calculates pubkeyA, shares pubkeyA with Bob
Bob: Generates keyB with RNG and calculates pubkeyB, shares pubkeyB with Alice
Both sides calculate the same shared: pubkeyB * keyA = keyB * pubkeyA
In mbedTLS library, mbedtls_ecdh_compute_shared requires random number, even if I already have my private and counter-party public key.
Why do we need random number when we generate the computation of publicA*privateB and vice-versa? What random number does here, if still both sides generate same result?
