
Value of ECDH with ECIES

Çağlar Arlı


I am struggling to understand the value of ECIES in an offline message encryption scheme with shared static ECDH keys.

So if Bob and Alice each have a static public ECDH key stored in a directory.

Each time Alice wants to send Bob a message, she generates an ECDHE key pair and uses Bob's static ECDH key. She sends along to Bob the ECDHE public key, and Bob uses his static private key to derive a secret.

So sure, the secret will be different every single time. But if Alice's Bob's Private Static Key is ever disclosed then anyone with the messages will be able to read them.

So what's the point? Why didn't Bob and Alice just use their static ECDH keys in the first place?

I can understand the benefit if the ECDHE keys are able to be exchanged in real time and disposed of when the session terminates. But when encrypting something like email, for example, the use of ECDHE in the ECIES scheme along with static ECDH keys, such as certificates, doesn't seem to add any value.

What am I missing?