I am trying to generate a shared secret in my app like this:
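    import java.security.*;
    import javax.crypto.KeyAgreement;

    public static byte[] generateSharedSecret(PrivateKey privateKey, PublicKey publicKey)
            throws GeneralSecurityException {
        // ECDH via the Spongy Castle ("SC") provider
        KeyAgreement keyAgreement = KeyAgreement.getInstance("ECDH", "SC");
        keyAgreement.init(privateKey);
        keyAgreement.doPhase(publicKey, true);
        return keyAgreement.generateSecret();
    }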
This is working fine, but the PublicKey I use here should be coming from the backend.
The backend just sends me the x and y values of a point on an elliptic curve and now I am supposed to generate the PublicKey from that. But I just can't figure it out! How can I create a PublicKey instance just from those two values?
ICSF generates ECC key pairs using the Elliptic Curve Digital Signature Algorithm (ECDSA). This algorithm uses elliptic curve cryptography (an encryption system based on the properties of elliptic curves) to provide a variant of the Digital Signature Algorithm.
The generator point, known as G, is a defined point on Bitcoin's elliptic curve, secp256k1, and has x and y coordinates. In order to generate a public key, a user multiplies their private key sk * G = P, where P is the public key. While a private key is a large number, a public key is a point with x and y coordinates.
It has been noted by the NSA that the encryption of a top-secret document by elliptic curve cryptography requires a key length of 384 bits.
Basic idea: Given an elliptic curve E (mod p), the problem is that not every x has a y such that (x, y) is a point of E. Given a message (number) m, we therefore adjoin a few bits to the end of m and adjust them until we get a number x such that x^3 + ax + b is a square mod p.
It's actually quite simple! But you need one more thing besides the x and y values. You also need an ECParameterSpec! The ECParameterSpec describes the elliptic curve you are using and your app has to use the same ECParameterSpec as your backend does!
With the x and y values you can create an ECPoint instance and together with your ECParameterSpec you can create an ECPublicKeySpec:

    ECParameterSpec ecParameters = ...;
    BigInteger x = ...;
    BigInteger y = ...;
    ECPoint ecPoint = new ECPoint(x, y);
    ECPublicKeySpec keySpec = new ECPublicKeySpec(ecPoint, ecParameters);

And now with that ECPublicKeySpec you can generate the PublicKey using a KeyFactory:

    KeyFactory keyFactory = KeyFactory.getInstance("EC");
    PublicKey publicKey = keyFactory.generatePublic(keySpec);
You can find more information about this topic here.
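Added example, not part of the original answer: one way to obtain the ECParameterSpec for a named curve from the standard JCA and to check that the received x and y actually lie on that curve before building the key and using it in ECDH. The curve name secp256r1, the default provider (rather than "SC"), and the class and method names are assumptions; use the curve your backend uses.

```java
import java.math.BigInteger;
import java.security.*;
import java.security.interfaces.ECPublicKey;
import java.security.spec.*;

public class EcPointToPublicKey {
    // Look up the domain parameters of a named curve (the name is an assumption).
    static ECParameterSpec curve(String name) throws GeneralSecurityException {
        AlgorithmParameters params = AlgorithmParameters.getInstance("EC");
        params.init(new ECGenParameterSpec(name));
        return params.getParameterSpec(ECParameterSpec.class);
    }

    // Build the key only if (x, y) satisfies y^2 = x^3 + ax + b (mod p).
    static PublicKey fromCoordinates(BigInteger x, BigInteger y, ECParameterSpec spec)
            throws GeneralSecurityException {
        EllipticCurve c = spec.getCurve();
        if (!(c.getField() instanceof ECFieldFp)) {
            throw new InvalidKeySpecException("prime-field curve expected");
        }
        BigInteger p = ((ECFieldFp) c.getField()).getP();
        if (x.signum() < 0 || x.compareTo(p) >= 0 || y.signum() < 0 || y.compareTo(p) >= 0) {
            throw new InvalidKeySpecException("coordinate out of range");
        }
        BigInteger lhs = y.multiply(y).mod(p);
        BigInteger rhs = x.pow(3).add(c.getA().multiply(x)).add(c.getB()).mod(p);
        if (!lhs.equals(rhs)) {
            throw new InvalidKeySpecException("point is not on the curve");
        }
        ECPublicKeySpec keySpec = new ECPublicKeySpec(new ECPoint(x, y), spec);
        return KeyFactory.getInstance("EC").generatePublic(keySpec);
    }

    public static void main(String[] args) throws Exception {
        ECParameterSpec spec = curve("secp256r1");
        // Constructed sample: a locally generated key stands in for the backend's x and y.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC");
        kpg.initialize(spec);
        ECPublicKey sample = (ECPublicKey) kpg.generateKeyPair().getPublic();
        BigInteger x = sample.getW().getAffineX(), y = sample.getW().getAffineY();
        ECPublicKey rebuilt = (ECPublicKey) fromCoordinates(x, y, spec);
        System.out.println("rebuilt matches: " + rebuilt.getW().equals(sample.getW()));
        try {
            fromCoordinates(x, y.xor(BigInteger.ONE), spec); // tampered y coordinate
        } catch (InvalidKeySpecException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```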