That’s very cool that (almost) any random number can be used for the private key and the public key can be easily derived from the private one!
See? I am quite clueless about the details of ECC. ;)

John

On Feb 14, 2018, at 4:05 AM, paddor <pad...@gmail.com> wrote:

Hi John,

One cool thing about Curve25519 is that, given the secret key, the public key can be derived from it. And it seems that you actually can use random bytes for the secret key (almost). Only a few bits in the first and last byte are fixed. Here is an excerpt from [1]:

> Computing secret keys. Inside your program, to generate a 32-byte Curve25519
> secret key, start by generating 32 secret random bytes from a
> cryptographically safe source: mysecret[0], mysecret[1], ..., mysecret[31].
> Then do
>
>     mysecret[0] &= 248;
>     mysecret[31] &= 127;
>     mysecret[31] |= 64;
>
> to create a 32-byte Curve25519 secret key mysecret[0], mysecret[1], ...,
> mysecret[31].

Of course the conversion tool would have to print the public key so you can collect those centrally.

Yes, it might be too much effort if you want to keep using the existing PKI as-is. Having used ZMQ for a while now, I'd say it's worth the effort! ;-)

Regards,
Patrik

[1] https://cr.yp.to/ecdh.html