diff --git a/storage/e2e/key.go b/storage/e2e/key.go
index 49900a09acd032bdbae55c1e90bbc7a69a357c4f..ed40e54e5d11e39a8e1ec2e2b41befca1a9b97d3 100644
--- a/storage/e2e/key.go
+++ b/storage/e2e/key.go
@@ -12,8 +12,42 @@ import (
 	e2eCrypto "gitlab.com/elixxir/crypto/e2e"
 	"gitlab.com/elixxir/crypto/hash"
 	"gitlab.com/elixxir/primitives/format"
+	"github.com/cloudflare/circl/dh/sidh"
+	"gitlab.com/elixxir/crypto/cyclic"
+	dh "gitlab.com/elixxir/crypto/diffieHellman"
+	jww "github.com/spf13/jwalterweatherman"
 )
 
+// GenerateE2ESessionBaseKey returns the baseKey symmetric encryption key root.
+// The baseKey is created by hashing the results of the diffie-helman (DH) key
+// exchange with the post-quantum secure Supersingular Isogeny DH exchange
+// results.
+func GenerateE2ESessionBaseKey(myDHPrivKey, theirDHPubKey *cyclic.Int,
+	dhGrp *cyclic.Group, mySIDHPrivKey *sidh.PrivateKey,
+	theirSIDHPubKey *sidh.PublicKey) *cyclic.Int {
+	// DH Key Gen
+	dhKey := dh.GenerateSessionKey(myDHPrivKey, theirDHPubKey, dhGrp)
+
+	// SIDH Key Gen
+	sidhKey := make([]byte, mySIDHPrivKey.SharedSecretSize())
+	mySIDHPrivKey.DeriveSecret(sidhKey, theirSIDHPubKey)
+
+	// Derive key
+	h := hash.CMixHash.New()
+	h.Write(dhKey.Bytes())
+	h.Write(sidhKey)
+	keyDigest := h.Sum(nil)
+	// NOTE: Sadly the baseKey was a full DH key, and that key was used
+	// to create an "IDF" as well as in key generation and potentially other
+	// downstream code. We use a KDF to limit scope of the change,'
+	// generating into the same group as DH to preserve any kind of
+	// downstream reliance on the size of the key for now.
+	baseKey := hash.ExpandKey(hash.CMixHash.New, dhGrp, keyDigest,
+		dhGrp.NewInt(1))
+
+	return baseKey
+}
+
 type Key struct {
 	// Links
 	session *Session
@@ -96,7 +130,8 @@ func (k *Key) denoteUse() {
 	k.session.useKey(k.keyNum)
 }
 
-// Generates the key and returns it
+// generateKey derives the current e2e key from the baseKey and the index
+// keyNum and returns it
 func (k *Key) generateKey() e2eCrypto.Key {
 	return e2eCrypto.DeriveKey(k.session.baseKey, k.keyNum,
 		k.session.relationshipFingerprint)