Reputation: 1751
Generate Shared Key From Public Key Using Elliptic JS Library
I am trying to use the Elliptic JS library to generate a shared key that can be used between two people (from their example).
The issue is that the example generates a new keypair every time - I want to have one person using their own private key, and the other persons public key.
Here is what I have so far:
var EC = require('elliptic').ec;
var ec = new EC('curve25519');
var key1 = ec.keyFromPrivate('BLAHBLAHBLAH1');
var publicKey1 = key1.getPublic();
///// HOW DO I START WITH KEY2 BEING THE PUBLIC KEY, NOT KEYFROMPRIVATE? /////
var key2 = ec.keyFromPrivate('BLAHBLAHBLAH2');
var publicKey2 = key2.getPublic();
var shared1 = key1.derive(publicKey2);
var shared2 = key2.derive(publicKey1);
console.log(shared1.toString(16));
console.log(shared2.toString(16));
Any ideas would be tremendously helpful!
Upvotes: 3
Views: 2360
Answers (1)
Reputation: 22956
So maybe it's better to explain this a little.
With Elliptic curve crypto, the private key is just a number (a big one).
The public key is actually a point on the curve (like actually x, y).
You must generate a private key first in order to obtain the corresponding public key coordinate, as you may know, the trap door function in ECC is predicated upon not being able to deduce a private key from a public key point.
The public key is obtained by scalar multiplication of the private key by a special point on the curve called the generator point.
So... that said, the only way to start with a public key that you know, would be to have (at some point previous), generated and stored the private key, calculated the corresponding public key by using the standard methods (which FYI, is actually a process where one scalar multiplies a private key number by a known generator (special publicly known x,y point) on the curve, and then store the public key for future use.
One last thing, what you're doing here (you may already know) is ECDH (Elliptic curve Diffie Hellman), generating a shared secret using the Diffie Hellman protocol.
In that protocol, generally you use ephemeral (temporary) key pairs every time. That way each session has a new session key, meaning forward secrecy isn't predicated upon one single private key.
Additionally remember that a derived ECDH secret is not ready to use as a symmetric key. It should be passed through a HKDF (key derivation function), as random secret != uniform secret suitable for cryptographic use.
Any questions pls ask below, great explanation as to why it's important to use ephemeral keys in ECDH here from @Maarten.
Please let me know if this is not clear.
Upvotes: 7
Related Questions
- How to generate private EC private / public key pair in DER format using node.js, where public key is compressed?
- Nodejs construct the public key using public key string
- Sign using crypto.createSign EC key
- Generate shared secret key from Curve25519 (or X25519) asymmetric key pairs in node.js using crypto module
- How to generate PublicKey for PrivateKey in X25519?
- Create EC private key from input keying material in NodeJS
- Javascript: Generating ECDSA public key from private key
- Generate private/public pair key using ECC : elliptic curves
- Computing a ECDH Shared Secret in JavaScript
- Javascript ECDSA get private and public keys?