Reply to post: There is absolutely no need to re-use DH tokens.....

New Linux kernel bolsters random number generation

Anonymous Coward

There is absolutely no need to re-use DH tokens.....

......because one side of the DH exchange can be random AND DIFFERENT for every message!

To be clear.....

(1) Each user chooses a very long random number (possibly prime). This will be hundreds of decimal digits long; this number is the user's private token.

(2) The private token is used (via the Diffie-Hellman algorithm) to generate a second number; this is the user's public token.

UserA publicises their public token, say PUBLIC_A. Their private token is kept secret, PRIVATE_A.

UserB wants to send a message to UserA.

(3) UserB chooses a very long random number (possibly prime). This is UserB's private token, PRIVATE_B.

(4) UserB uses their private token to generate a public token, PUBLIC_B.

(5) UserB prepares a message.

(6) UserB calculates the Diffie-Hellman secret key (using PUBLIC_A and PRIVATE_B), and encrypts the message.

(7) UserB sends a two part communication to UserA: the encrypted message and PUBLIC_B.

(8) UserB destroys the secret key, PUBLIC_B and PRIVATE_B.

UserA wants to decrypt the message.

(9) UserA calculates the Diffie-Hellman secret key (using PUBLIC_B and PRIVATE_A), and decrypts the message.

(10) UserA destroys the secret key and PUBLIC_B.

Note:

(A) The secret key only exists for a very short time in steps (6) and (9).

(B) The key is different for every message.

(C) Anyone possessing PUBLIC_A, the encrypted message, and PUBLIC_B has no chance whatever of calculating the transient secret key.

An added benefit is that if the three processes (publish a public token; create and encrypt a message; decrypt a message) are supplied as a software package, then NEITHER USER knows (or needs to know) anything at all about the secret key in steps (6) and (9).
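The ten steps above, worked through in code as an added example (not part of the commenter's post): UserA holds a long-term token pair, UserB generates a fresh pair per message, and both sides derive the same per-message key. The group parameters (a 127-bit prime, generator 5) and the hash-based stream cipher with an HMAC tag are constructed for illustration only; a real deployment would use a standard 2048-bit or larger group and a proper AEAD, and note that nothing here proves to UserA who sent the message.

```python
import hashlib
import hmac
import secrets

# Toy group, constructed for this example: p = 2^127 - 1 is prime but far too
# small for real use. Every DH public token is a value in [2, p-2].
P = (1 << 127) - 1
G = 5

def keygen():
    """Steps (1)/(3): random private token; steps (2)/(4): public token g^x mod p."""
    priv = secrets.randbelow(P - 2) + 2
    return priv, pow(G, priv, P)

def shared_key(their_public, my_private):
    """Steps (6)/(9): DH secret, hashed into a fixed-length symmetric key."""
    if not 2 <= their_public <= P - 2:   # reject 0, 1 and p-1 (degenerate tokens)
        raise ValueError("public token out of range")
    s = pow(their_public, my_private, P)
    return hashlib.sha256(s.to_bytes(16, "big")).digest()

def keystream(key, length):
    """Constructed stream: SHA-256(key || counter), used only because stdlib has no AES."""
    out, ctr = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:length]

def encrypt(key, plaintext):
    ct = bytes(a ^ b for a, b in zip(plaintext, keystream(key, len(plaintext))))
    return ct + hmac.new(key, ct, "sha256").digest()   # ciphertext || 32-byte tag

def decrypt(key, blob):
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, ct, "sha256").digest()):
        raise ValueError("authentication failed")        # tampered or wrong key
    return bytes(a ^ b for a, b in zip(ct, keystream(key, len(ct))))

def send_message(public_a, plaintext):
    """UserB, steps (3)-(8): fresh pair, encrypt, ship PUBLIC_B; PRIVATE_B and key are dropped."""
    private_b, public_b = keygen()
    key = shared_key(public_a, private_b)
    return public_b, encrypt(key, plaintext)

def receive_message(private_a, public_b, blob):
    """UserA, steps (9)-(10): rebuild the same key from PUBLIC_B and PRIVATE_A."""
    return decrypt(shared_key(public_b, private_a), blob)
```

Two calls to `send_message` with the same plaintext yield different PUBLIC_B values and different ciphertexts, which is the "different key for every message" property; flipping one ciphertext byte makes `receive_message` raise instead of returning garbage.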
