0

I need to encrypt data using ECIES using openssl. Is there any API present in openssl? result cipherText = input)ecies(public key , plain text)

If there is no API, how can I calculate it?

HKP
  • 19
  • 7
  • 1
    ECIES is basically the same as (ephemeral-static) ECDH, followed by a KDF (usually over the X coordinate of the result) and then a normal symmetric cipher. – Maarten Bodewes May 20 '21 at 22:22
  • @MaartenBodewes Thanks for the guide. I am new to cryptography. I want to use the openssl EVP API. So ECDH: https://wiki.openssl.org/index.php/Elliptic_Curve_Diffie_Hellman and encryption: https://wiki.openssl.org/index.php/EVP_Symmetric_Encryption_and_Decryption ? – HKP May 21 '21 at 18:10
  • 1
    Yes, but don't pass it through a hash function as ECDH specifies, but use [HKDF](https://www.openssl.org/docs/manmaster/man7/EVP_KDF-HKDF.html). And you may want to replace the static (trusted!) public key of the receiver with a certificate later. Otherwise you just throw away the ephemeral private key of the party doing the encryption and include the corresponding public key with the ciphertext, and presto. Easy as pie. Well, sort of :P – Maarten Bodewes May 21 '21 at 18:21
  • What is the use of HKDF? I have got the public key and plain text. Then which openssl EVP API do I need to use to encode and encrypt? If you have any good reference please share, I could not think how to do it. The public key contains ECPoints? How to generate the ECC key which will be required to encrypt data? – HKP May 21 '21 at 20:51
  • @MaartenBodewes Can you suggest how to do ECIES encryption? I have a server which uses the Java Bouncy Castle library for encryption (X509. ), so while selecting a curve should I select any type of curve? And what is the difference between KDF and HKDF? – HKP May 24 '21 at 19:44
  • 1
    You cannot directly encrypt data using Elliptic Curve (well, not of any significant length anyway). However, you can generate a secret key using the static, trusted public key of the receiver and an ephemeral public key. The corresponding public key can then be attached to the ciphertext of the secret key so that the static private key can be used to generate the same secret to decrypt - HKDF is just a specific HMAC based KDF. It's also in Bouncy Castle. For the rest of the functionality BC is really not required. No, you cannot mix curves, you need to pick one. – Maarten Bodewes May 24 '21 at 21:30
  • 1
    .. for the static key pair of which the public key is in the certificate (it seems, from your description). Then you'd use the same curve for the ephemeral key pair generated for encryption. – Maarten Bodewes May 24 '21 at 21:37
  • @MaartenBodewes How can I generate `EVP_PKEY *pkey` from the shared public key? The shared public key is base64 encoded and uses Bouncy Castle, but the curve is secp256k1. How can I get the key? In https://wiki.openssl.org/index.php/Elliptic_Curve_Diffie_Hellman `get_peerkey()` is also not explained properly. Can you help with this? – HKP May 26 '21 at 20:02
  • Possibly, but I cannot look on your screen, maybe ask a separate question with code & key, and link to Bouncy Castle relevant code if available. – Maarten Bodewes May 26 '21 at 20:03
  • OP, see https://jameshfisher.com/2017/04/14/openssl-ecc/ for how to do this on the command line with `openssl`. – mti2935 May 26 '21 at 23:04
  • @mti2935 Thanks for the link. Do you have any idea how I can generate this using the openssl API? I have a C application. I want equivalent C code for this operation: `openssl pkeyutl -derive -inkey bob_priv_key.pem -peerkey alice_pub_key.pem -out bob_shared_secret.bin` – HKP May 29 '21 at 05:26
  • 1
    OP, This is called 'point multiplication'. Alice multiplies her private key with Bob's public key to get the shared secret. Bob does the same - he multiplies his private key with Alice's public key to get the same shared secret. I think the function you are looking for is `EC_POINT_mul()`. See https://www.openssl.org/docs/man1.0.2/man3/EC_POINT_mul.html. – mti2935 May 29 '21 at 09:50
  • @mti2935 Thanks for the suggestion. In `openssl pkeyutl -derive -inkey bob_priv_key.pem -peerkey alice_pub_key.pem -out bob_shared_secret.bin`, Alice's public key and Bob's private key are used to generate bob_shared_secret.bin. The public key I receive is in a buffer. Which openssl API will I use to parse this buffer to get Alice's public key? – HKP May 29 '21 at 18:25

0 Answers