Re: Persistent keys are the problem.....
Firstly, you keep claiming that Alice and Bob can communicate securely "with no transmitted keys and no public keys at all", but you refer to Diffie-Hellman.
In the Diffie-Hellman protocol:
- Alice generates a secret key a, and a public key A = e**a
- Bob generates corresponding b and B.
- Alice TRANSMITS her PUBLIC KEY (A) to Bob
- Bob TRANSMITS his PUBLIC KEY (B) to Alice
- Alice computes B**a == (e**b)**a == e**ab;
- Bob computes A**b and they have a shared secret e**ab which they can use to encrypt data.
(Beware: the above is a gross simplification. Do not use this to implement DH.)
Secondly, you have also missed the point that this is _storage_ encryption. Communication (data in transit) can use ephemeral keys, but data-at-rest must be encrypted by keys that persist until the data is no longer required.
And I haven't even _started_ on the issue that DH is completely unauthenticated, so Alice has no way of knowing she is communicating with Bob and not Eve.
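The exchange listed in the reply above, as an added worked example that is not part of the original post: both public values are transmitted in the clear, and each side derives the same key from the other side's public value. The group parameters (P, G) and the transcript/derivation helpers are constructed for illustration only.

```python
import secrets
import hashlib

# Toy group parameters (constructed for this example; far too small for real use).
# Real deployments use a standardized group, e.g. an RFC 3526 MODP group.
P = 2**127 - 1   # a Mersenne prime, used here as the demo modulus
G = 5            # the generator, written "e" in the post above (demo value)

def keygen(p=P, g=G):
    """Return (secret, public): a random secret a and the public value A = g**a mod p."""
    a = secrets.randbelow(p - 2) + 2          # 2 <= a <= p-1
    return a, pow(g, a, p)

def shared_secret(my_secret, their_public, p=P):
    """B**a (or A**b) mod p; both sides obtain g**(a*b) mod p."""
    return pow(their_public, my_secret, p)

def derive_key(shared, transcript):
    """Hash the shared value together with the transmitted values into a 256-bit key.
    Binding the transcript into the key is standard practice; it does NOT add
    authentication, which the post's last paragraph is about."""
    h = hashlib.sha256()
    h.update(shared.to_bytes((shared.bit_length() + 7) // 8, "big"))
    for sender, value in transcript:
        h.update(sender.encode() + value.to_bytes(16, "big"))
    return h.digest()

def run_exchange():
    """Run one unauthenticated DH exchange; return (Alice's key, Bob's key, transcript)."""
    transcript = []                 # everything an eavesdropper on the wire sees
    a, A = keygen()                 # Alice: secret a, public A
    b, B = keygen()                 # Bob:   secret b, public B
    transcript.append(("Alice", A)) # Alice TRANSMITS A to Bob
    transcript.append(("Bob", B))   # Bob TRANSMITS B to Alice
    k_alice = derive_key(shared_secret(a, B), transcript)
    k_bob = derive_key(shared_secret(b, A), transcript)
    return k_alice, k_bob, transcript

if __name__ == "__main__":
    ka, kb, t = run_exchange()
    print("transmitted:", [(s, hex(v)[:12] + "...") for s, v in t])
    print("keys match:", ka == kb)
```

Note that the transcript holds only the two public values; nothing in it ties A to Alice or B to Bob, which is exactly the gap the last paragraph of the reply points at.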