I've been tasked with building a Web Assembly site that implements E2EE. I was thinking of using ElGamal Encryption to encrypt the message and Diffie-Hellman to establish the key. After doing further research, I'm having trouble understanding the practical use cases of using ElGamal vs Diffie-Hellman.
If I'm understanding correctly. Diffie-Hellman and ElGamal both rely on the discrete log problem which makes them both ideal. Diffie-Hellman only establishes a key between two hosts, then a symmetric cryptography system is used to send a message. ElGamal encrypts the message one time, using the same method as Diffie-Hellman and then it must be regenerated each time which is slow and time consuming. So I'm thinking Diffie-Hellman would be best for a scenario when users are communicating frequently, and ElGamal for a one time file transfer.
So I am debating on which use within my web app. I was initially thinking to use both Diffie-Hellman and ElGamal. Now, I am thinking to use Diffie-Hellman to establish a key between two parties, then use a symmetric encryption scheme like AES.
One article I found particularly useful was https://www.commonlounge.com/discussion/2be4d294aa9e44d4b67f6644cd9b5ced
Particularly, Heading "Practical use and Applications"
If I were to use Diffie-Hellman & AES, how often would a key need to be regenerated?
I'm hoping someone can confirm if I'm understanding the practical uses correctly and help fill in any gaps in my understanding.
Thank you!
