.NET implementation (libraries) of elliptic curve cryptography
Please can you suggest any implementation of elliptical curve cryptography to be used on .NET platform?
Also if you have used them, can you tell me the recommended curve
-
The way you usually use ECC for encryption is by using "Ephemeral-Static Diffie-Hellman".
It works this way:
- Take the intended receivers public key (perhaps from a certificate). This is the static key.
- Generate a temporary ECDH keypair. This is the ephemeral keypair.
- Use the keys to generate a shared symmetric key.
- Encrypt the data with the symmetric key.
- Transmit the encrypted data together with the public key from the ephemeral keypair.
The receiver can now use the ephemeral public key and his own static private key to recreate the symmetric key and decrypt the data.
You can read more in Standards for Efficient Cryptography: SEC 1: Elliptic Curve Cryptography section 5.1.3.
讨论(0) -
Have a look at SecureBlackBox components
讨论(0) -
Great! I tried it but cant find how to use it to encrypt a message. Doesn't seem to have any "Encrypt" function
This the MSDN sample for System.Security.Cryptography.ECDiffieHellmanCng.
using System; using System.IO; using System.Security.Cryptography; using System.Text; class Alice { public static byte[] alicePublicKey; public static void Main(string[] args) { using (ECDiffieHellmanCng alice = new ECDiffieHellmanCng()) { alice.KeyDerivationFunction = ECDiffieHellmanKeyDerivationFunction.Hash; alice.HashAlgorithm = CngAlgorithm.Sha256; alicePublicKey = alice.PublicKey.ToByteArray(); Bob bob = new Bob(); CngKey k = CngKey.Import(bob.bobPublicKey, CngKeyBlobFormat.EccPublicBlob); byte[] aliceKey = alice.DeriveKeyMaterial(CngKey.Import(bob.bobPublicKey, CngKeyBlobFormat.EccPublicBlob)); byte[] encryptedMessage = null; byte[] iv = null; Send(aliceKey, "Secret message", out encryptedMessage, out iv); bob.Receive(encryptedMessage, iv); } } private static void Send(byte[] key, string secretMessage, out byte[] encryptedMessage, out byte[] iv) { using (Aes aes = new AesCryptoServiceProvider()) { aes.Key = key; iv = aes.IV; // Encrypt the message using (MemoryStream ciphertext = new MemoryStream()) using (CryptoStream cs = new CryptoStream(ciphertext, aes.CreateEncryptor(), CryptoStreamMode.Write)) { byte[] plaintextMessage = Encoding.UTF8.GetBytes(secretMessage); cs.Write(plaintextMessage, 0, plaintextMessage.Length); cs.Close(); encryptedMessage = ciphertext.ToArray(); } } } } public class Bob { public byte[] bobPublicKey; private byte[] bobKey; public Bob() { using (ECDiffieHellmanCng bob = new ECDiffieHellmanCng()) { bob.KeyDerivationFunction = ECDiffieHellmanKeyDerivationFunction.Hash; bob.HashAlgorithm = CngAlgorithm.Sha256; bobPublicKey = bob.PublicKey.ToByteArray(); bobKey = bob.DeriveKeyMaterial(CngKey.Import(Alice.alicePublicKey, CngKeyBlobFormat.EccPublicBlob)); } } public void Receive(byte[] encryptedMessage, byte[] iv) { using (Aes aes = new AesCryptoServiceProvider()) { aes.Key = bobKey; aes.IV = iv; // Decrypt the message using (MemoryStream plaintext = new MemoryStream()) { using (CryptoStream cs = new CryptoStream(plaintext, aes.CreateDecryptor(), CryptoStreamMode.Write)) { cs.Write(encryptedMessage, 0, encryptedMessage.Length); cs.Close(); string message = Encoding.UTF8.GetString(plaintext.ToArray()); Console.WriteLine(message); } } } } }讨论(0) -
Check out the Bouncy Castle library for C#, it has ECDH and ECDSA.
讨论(0) -
The .NET Framework already includes Diffie-Hellman, which is an elliptic curve crypto algorithm. Look under System.Security.Cryptography.ECDiffieHellmanCng.
讨论(0)
加载中...
- 热议问题