For generating license codes, you probably want to use a signature scheme rather than an encryptions scheme. There is a signature scheme (Quartz) that has generates small signatures, but it hasn't been implemented in Crypto++ yet. DSA and ECDSA have the smallest signatures in Crypto++, around 320 bits.
On Wed, Aug 13, 2003 at 06:55:59PM +0300, Pasilda wrote: > Hello. > > I'm trying to use elliptic curves to generate serial numbers for my > audio software which cannot be generated by a keygen. > > The serial number will be 30 chars, which mean 150 bits. Obviously > this means that I cannot use ECIES or stuff like that because it's > simply too big. I need to use only the encryption primitive, with no > padding or stuff like that. > > I've managed to do that with RSA. The code is like this: > > ==== > RSAFunction pub; > InvertibleRSAFunction priv; > > priv.Initialize(randPool, keyLength); > pub.Initialize(priv.GetModulus(), priv.GetPublicExponent()); > > Integer Data, Cipher, Plain; > > Data.Decode(DataBuf.begin(), DataBuf.size(), Integer::UNSIGNED); > > Cipher = priv.CalculateInverse(randPool, Data); > Plain = pub.ApplyFunction(Cipher); > ==== > > The serial number will be Cipher written like an ASCII string. > > The problem is that I cannot do thatn with EC. > After digging through header files I've managed to get this code > out of ECIES: > > ==== > DL_PublicKey_EC<ECP> pub; > DL_PrivateKey_EC<ECP> priv; > > priv.Initialize(randPool, ASN1::secp256k1()); > priv.MakePublicKey(pub); > > SecByteBlock data; > SecByteBlock plain; > SecByteBlock cipher; > > int K = pub.AccessGroupParameters().GetEncodedElementSize(false); > > data.CleanNew(3 * K); // make sure we have enough space > plain.CleanNew(3 * K); > cipher.CleanNew(3 * K); > > strcpy((char *) data.begin(), "Encrypt Test"); > Integer DataInteger(data.begin(), data.size(), Integer::UNSIGNED); > > > ECPPoint DataElement; > ECPPoint PlainElement; > ECPPoint CipherElement; > ECPPoint RandomElement; > > > DataElement.identity = false; > DataElement.x = DataInteger; > DataElement.y = DataInteger; > > > //Integer RandomInteger(randPool, Integer::One(), > pub.GetAbstractGroupParameters().GetMaxExponent()); > Integer RandomInteger = DataInteger; > RandomElement = pub.GetAbstractGroupParameters().ExponentiateBase(RandomInteger); > > > //Element z = agreeAlg.AgreeWithEphemeralPrivateKey(params, > key.GetPublicPrecomputation(), x); > CipherElement = pub.GetPublicPrecomputation().Exponentiate( > pub.GetAbstractGroupParameters().GetGroupPrecomputation(), > RandomInteger * pub.GetAbstractGroupParameters().GetCofactor()); > > pub.GetAbstractGroupParameters().EncodeElement(true, CipherElement, cipher.begin()); > > > //Element z = agreeAlg.AgreeWithStaticPrivateKey(params, q, true, > key.GetPrivateExponent()); > PlainElement = priv.AccessGroupParameters().ExponentiateElement(RandomElement, > priv.GetPrivateExponent() * priv.AccessGroupParameters().GetCofactor()); > ==== > > The code works, at the end PlainElement = CipherElement (I've made a > bad choice of names, they should be named something like > AgreedSecretElement). > > The thing is that instead of a RandomInteger from which to derivate a > key, I want to put my plaintext data. But when I decrypt the data, > I need RandomInteger! So I'm stuck. > > I don't understand the math behind EC, so I have no idea what > ExponentiateBase does and how to play with this to do what I intend. > > To resume: i want to encrypt a Integer (smaller that key size) with > the private key (not the public one as usual). The cipher text length > should be close to key length (like in RSA). Than I want to decrypt > the cipher text using the public key. All these using elliptic curves. > > Could anybody help me? Or point me to some sample code which uses raw > elliptic curves? > > Thanks.
