aboutsummaryrefslogtreecommitdiffstats
path: root/docs/hazmat/primitives/asymmetric
diff options
context:
space:
mode:
Diffstat (limited to 'docs/hazmat/primitives/asymmetric')
-rw-r--r--docs/hazmat/primitives/asymmetric/ec.rst8
1 files changed, 8 insertions, 0 deletions
diff --git a/docs/hazmat/primitives/asymmetric/ec.rst b/docs/hazmat/primitives/asymmetric/ec.rst
index e4df9b10..90e73711 100644
--- a/docs/hazmat/primitives/asymmetric/ec.rst
+++ b/docs/hazmat/primitives/asymmetric/ec.rst
@@ -147,6 +147,11 @@ Elliptic Curve Key Exchange algorithm
... ).public_key()
>>> shared_key = private_key.exchange(ec.ECDH(), peer_public_key)
+ ECDHE (or EECDH), the ephemeral form of this exchange, is **strongly
+ preferred** over simple ECDH and provides `forward secrecy`_ when used.
+ You must generate a new private key using :func:`generate_private_key` for
+ each :meth:`~EllipticCurvePrivateKey.exchange` when performing an ECDHE key
+ exchange.
Elliptic Curves
---------------
@@ -342,6 +347,8 @@ Key Interfaces
.. method:: exchange(algorithm, peer_public_key)
+ .. versionadded:: 1.1
+
Perform's a key exchange operation using the provided algorithm with
the peer's public key.
@@ -470,3 +477,4 @@ Key Interfaces
.. _`SafeCurves`: http://safecurves.cr.yp.to/
.. _`ECDSA`: https://en.wikipedia.org/wiki/ECDSA
.. _`EdDSA`: https://en.wikipedia.org/wiki/EdDSA
+.. _`forward secrecy`: https://en.wikipedia.org/wiki/Forward_secrecy
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-19 11:01:42 +0000