Comments (10)
For a given curve and a given base point P the point Q = kP was calcaluted for
several values k. The x and y coordinates of Q are given in the table below.
k is a constant, x and y are the coordinates for the base point P.
For each curve, P can be found in the documents referenced above.
from tiny-ecdh-c.
Hi @nguterresn and thanks for checking out my library :)
From the top of my head:
The private key is a scalar (an integer number) whereas the public key is a point (two scalars for x- and y-coordinate).
The shared secret is a point, which is therefore the same size as the public key (twice the size of the private key).
from tiny-ecdh-c.
By the name of the curve, I thought the number 163 was the size of the output key.
What you said, makes sense, but I can't find anywhere where's justified. I'm just curious because I have seen others libraries using ECC_PRV_KEY_SIZE
shared key and, at this point, I don't know which one is correct or not.
I'm really confused about this because I'm trying to establish a shared key with another device and the shared key, even tho it is the same curve, doesn't match. Plus, when I compute the public key and send it, it's not recognized as being from the same curve as the destination curve.
I hope you can help and thanks for your time. :)
from tiny-ecdh-c.
163 here is the size of the Galois field used. GF(2^m) where m = 163.
It is also the order of the highest-order factor in the reduction polynomial used.
There are several ways to store the keys. Using point-compression, the shared secret can be compressed to around half size, which could explain what you've seen.
If you are inter-operating with other libraries, please ensure the format of the exchanged parameters are compatible (endianness, is point-compression used etc.).
See more here: http://www.secg.org/sec2-v2.pdf
from tiny-ecdh-c.
Thanks for the explaining, appreciate it.
The other device is returning a public key with 43 bytes, because of that 1 byte reserved for format info(In this case, 04
, uncompressed). But, even if I ignore the reserved byte, the key is not valid. At the opposite side, if I send my key it is not valid because it is not from the same curve, but in the "theory" it is.
I already converted little endian to big endian public key, but it is still not recognized as being from the same curve.
EDIT: By saying;
it is not from the same curve
I mean, its what showed up when compiled.
from tiny-ecdh-c.
Can I see the source code of the other ECDH library you're using?
from tiny-ecdh-c.
I haven't been able to find another library that supported the same curves, so I haven't made any compliance testing against other libraries.
I've only tested quickly against a few picks from http://point-at-infinity.org/ecc/nisttv
from tiny-ecdh-c.
The library is: Node.js crypto
from tiny-ecdh-c.
By the way, how can you test the vectors? k, x, and y replace which variable?
from tiny-ecdh-c.
Closing the issue. Feel free to re-open if you feel you didn't get the answers you expected :)
from tiny-ecdh-c.
Related Issues (20)
- Buffer overflow in ecdh_demo HOT 4
- Results are Differential to OpenSSL HOT 1
- invalid generated public key HOT 3
- Cannot generate a shared secret HOT 4
- Is point compression supported? HOT 5
- error HOT 1
- compilation error HOT 2
- Region βIMEMβ overflowed by 17932 bytes HOT 1
- Mismatch with openssl private-key/public key generation
- NIST_K571 NIST_K409 HOT 9
- ECDH and ECDSA HOT 1
- DSA Broken: Troubleshooting
- Supporting Curve BrainpoolP256r1 HOT 1
- compatibility with other crypto libraries
- sec key not the same
- 7 of 10 "working"
- ECDSA
- K-163 is still too difficult for IoT devices HOT 1
- Representation of generated Public Key HOT 10
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from tiny-ecdh-c.