Hi Mouse, >From ecccrpyto.h, around line 250:
//! Elliptic Curve Integrated Encryption Scheme, AKA <a href="http://www.weidai.com/scan-mirror/ca.html#ECIES";>ECIES</a> /*! Default to (NoCofactorMultiplication and DHAES_MODE = false) for compatibilty with SEC1 and Crypto++ 4.2. The combination of (IncompatibleCofactorMultiplication and DHAES_MODE = true) is recommended for best efficiency and security. */ template <class EC, class COFACTOR_OPTION = NoCofactorMultiplication, bool DHAES_MODE = false> struct ECIES : public DL_ES< DL_Keys_EC<EC>, DL_KeyAgreementAlgorithm_DH<typename EC::Point, COFACTOR_OPTION>, DL_KeyDerivationAlgorithm_P1363<typename EC::Point, DHAES_MODE, P1363_KDF2<SHA1> >, DL_EncryptionAlgorithm_Xor<HMAC<SHA1>, DHAES_MODE>, ECIES<EC> > { static std::string CRYPTOPP_API StaticAlgorithmName() {return "ECIES";} // TODO: fix this after name is standardized }; In this case, SECG may not be the proper reference (its hard to tell sometimes). Alos, there's an interop bug between Crypto++ and Bouncy Castle, if I recall correctly. It has to do with the width of an integer (4 vs 8). The cofactor can be 1, 2 or 4. I seem to recall a cofactor of 1 and DHAES = true has the best security properties. Jeff On Sunday, November 17, 2013 11:05:47 AM UTC-5, Mouse wrote: > > I’ve started writing interoperability tests (obviously data-wise only :) > between Crypto++ and BouncyCastle (Java). > > Looking at ECIES, I’ve stumbled upon a strange thing. Both > http://en.wikipedia.org/wiki/Integrated_Encryption_Scheme and > BouncyCastle define ECIES as a *hybrid* encryption scheme, and require > use of both hash for MAC (i.e., SHA1) and symmetric cipher for the actual > encryption (i.e., AES). > > Crypto++ however does not seem to use either hash or symmetric cipher at > all. > > What gives? An old version incompatible with the current ECIES standard > http://www.secg.org/download/aid-780/sec1-v2.pdf? Or am I missing > anything? > > I’d appreciate any help and/or guidance. > > Thanks! > -- -- You received this message because you are subscribed to the "Crypto++ Users" Google Group. To unsubscribe, send an email to [email protected]. More information about Crypto++ and this group is available at http://www.cryptopp.com. --- You received this message because you are subscribed to the Google Groups "Crypto++ Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
