Re: [openssl-users] Encryption and Decryption using ECC based certificate private/public key pair
Hi Jeff,
Thanks a lot for the detailed explanation. Since I have a requirement to
use the certificate public/private keys for encryption/decryption I believe
I should be able to use ECDHE based approach.
Regards
Jayalakshmi
On Sun, Apr 26, 2015 at 11:41 PM, Jeffrey Walton noloa...@gmail.com wrote:
On Mon, Apr 27, 2015 at 12:54 AM, Jayalakshmi bhat
bhat.jayalaks...@gmail.com wrote:
Hello All,
I am working on a project where there is need to encrypt and decrypt
certain
data using certificate public/private key pair. So far we were using RSA
based certificates. OpenSSL provides good number of API's for RSA based
encryption/decryption operation.
Now we are planning to support ECDSA based certificates also. I am not
able
to find any encryption/decryption API's in EC context.
I wanted to know are there any encryption/decryption API's using ECDSA
based
public/private key pair. Or is there any sample code I can look into.
ECDSA is a signing algorithm used for authentication. If you want to
encrypt/decrypt, then you need something else.
In the case of SSL/TLS, the something else is ECDHE. A shared secret
drops out of the ECDHE key exchange, and that's used to key a channel
for bulk encryption. The ECDSA signature authenticates ECDHE
parameters so you know they are authentic (i.e., from the party who
you expect, and not an adversary).
In addition to ECDHE, another choice is the MQV family of key
exchanges. Its a family now because MQV leaked some information about
the private exponent, so Krawczyk provided Hashed MQV (HMWV). HMQV
was later improved by Sarr, Elbaz–Vincent, and Bajard with Fully
Hashed MQV (FHMQV).
As far as encryption systems outside of SSL/TLS, check out Elliptic
Curve Integrated Encryption Scheme (ECIES). You can do bulk encryption
and decryption with it also. But it does not use an ECDSA key per se;
rather, its just a ecPublicKey ASN.1 type.
ECIES a Diffie-Hellman based integrated scheme that combines a Key
Encapsulation Mechanism (KEM) with a Data Encapsulation Mechanism
(DEM). The output is a 3-tuple {K,C,T}, where K is a encrypted shared
secret (lots of hand waiving), C is the cipher text and T is an
authentication tag. In ECIES, K is really half of a ECDHE exchange
with an ephemeral key. To recover the encrypted shared secret, the
person doing the decryption uses their long term static key to perform
the other half of the key exchange, and that's the shared secret. The
shared secret is then digested with a KDF and used to key a stream
cipher and a HMAC.
Jeff
___
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
___
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Encryption and Decryption using ECC based certificate private/public key pair
On Mon, Apr 27, 2015 at 12:54 AM, Jayalakshmi bhat
bhat.jayalaks...@gmail.com wrote:
Hello All,
I am working on a project where there is need to encrypt and decrypt certain
data using certificate public/private key pair. So far we were using RSA
based certificates. OpenSSL provides good number of API's for RSA based
encryption/decryption operation.
Now we are planning to support ECDSA based certificates also. I am not able
to find any encryption/decryption API's in EC context.
I wanted to know are there any encryption/decryption API's using ECDSA based
public/private key pair. Or is there any sample code I can look into.
ECDSA is a signing algorithm used for authentication. If you want to
encrypt/decrypt, then you need something else.
In the case of SSL/TLS, the something else is ECDHE. A shared secret
drops out of the ECDHE key exchange, and that's used to key a channel
for bulk encryption. The ECDSA signature authenticates ECDHE
parameters so you know they are authentic (i.e., from the party who
you expect, and not an adversary).
In addition to ECDHE, another choice is the MQV family of key
exchanges. Its a family now because MQV leaked some information about
the private exponent, so Krawczyk provided Hashed MQV (HMWV). HMQV
was later improved by Sarr, Elbaz–Vincent, and Bajard with Fully
Hashed MQV (FHMQV).
As far as encryption systems outside of SSL/TLS, check out Elliptic
Curve Integrated Encryption Scheme (ECIES). You can do bulk encryption
and decryption with it also. But it does not use an ECDSA key per se;
rather, its just a ecPublicKey ASN.1 type.
ECIES a Diffie-Hellman based integrated scheme that combines a Key
Encapsulation Mechanism (KEM) with a Data Encapsulation Mechanism
(DEM). The output is a 3-tuple {K,C,T}, where K is a encrypted shared
secret (lots of hand waiving), C is the cipher text and T is an
authentication tag. In ECIES, K is really half of a ECDHE exchange
with an ephemeral key. To recover the encrypted shared secret, the
person doing the decryption uses their long term static key to perform
the other half of the key exchange, and that's the shared secret. The
shared secret is then digested with a KDF and used to key a stream
cipher and a HMAC.
Jeff
___
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] Encryption and Decryption using ECC based certificate private/public key pair
Hello All, I am working on a project where there is need to encrypt and decrypt certain data using certificate public/private key pair. So far we were using RSA based certificates. OpenSSL provides good number of API's for RSA based encryption/decryption operation. Now we are planning to support ECDSA based certificates also. I am not able to find any encryption/decryption API's in EC context. I wanted to know are there any encryption/decryption API's using ECDSA based public/private key pair. Or is there any sample code I can look into. Thanks and Regards Jayalakshmi ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
