.NET implementation (libraries) of elliptic curve cryptography

后端 未结 5 1024
半阙折子戏
半阙折子戏 2021-02-07 08:48

Please can you suggest any implementation of elliptical curve cryptography to be used on .NET platform?

Also if you have used them, can you tell me the recommended curve

相关标签:
5条回答
  • 2021-02-07 09:37

    The way you usually use ECC for encryption is by using "Ephemeral-Static Diffie-Hellman".

    It works this way:

    • Take the intended receivers public key (perhaps from a certificate). This is the static key.
    • Generate a temporary ECDH keypair. This is the ephemeral keypair.
    • Use the keys to generate a shared symmetric key.
    • Encrypt the data with the symmetric key.
    • Transmit the encrypted data together with the public key from the ephemeral keypair.

    The receiver can now use the ephemeral public key and his own static private key to recreate the symmetric key and decrypt the data.

    You can read more in Standards for Efficient Cryptography: SEC 1: Elliptic Curve Cryptography section 5.1.3.

    0 讨论(0)
  • 2021-02-07 09:38

    Have a look at SecureBlackBox components

    0 讨论(0)
  • 2021-02-07 09:38

    Great! I tried it but cant find how to use it to encrypt a message. Doesn't seem to have any "Encrypt" function

    This the MSDN sample for System.Security.Cryptography.ECDiffieHellmanCng.

    using System;
    using System.IO;
    using System.Security.Cryptography;
    using System.Text;
    
    
    class Alice
    {
        public static byte[] alicePublicKey;
    
        public static void Main(string[] args)
        {
            using (ECDiffieHellmanCng alice = new ECDiffieHellmanCng())
            {
    
                alice.KeyDerivationFunction = ECDiffieHellmanKeyDerivationFunction.Hash;
                alice.HashAlgorithm = CngAlgorithm.Sha256;
                alicePublicKey = alice.PublicKey.ToByteArray();
                Bob bob = new Bob();
                CngKey k = CngKey.Import(bob.bobPublicKey, CngKeyBlobFormat.EccPublicBlob);
                byte[] aliceKey = alice.DeriveKeyMaterial(CngKey.Import(bob.bobPublicKey, CngKeyBlobFormat.EccPublicBlob));
                byte[] encryptedMessage = null;
                byte[] iv = null;
                Send(aliceKey, "Secret message", out encryptedMessage, out iv);
                bob.Receive(encryptedMessage, iv);
            }
    
        }
    
        private static void Send(byte[] key, string secretMessage, out byte[] encryptedMessage, out byte[] iv)
        {
            using (Aes aes = new AesCryptoServiceProvider())
            {
                aes.Key = key;
                iv = aes.IV;
    
                // Encrypt the message 
                using (MemoryStream ciphertext = new MemoryStream())
                using (CryptoStream cs = new CryptoStream(ciphertext, aes.CreateEncryptor(), CryptoStreamMode.Write))
                {
                    byte[] plaintextMessage = Encoding.UTF8.GetBytes(secretMessage);
                    cs.Write(plaintextMessage, 0, plaintextMessage.Length);
                    cs.Close();
                    encryptedMessage = ciphertext.ToArray();
                }
            }
        }
    
    }
    public class Bob 
    {
        public byte[] bobPublicKey;
        private byte[] bobKey;
        public Bob()
        {
            using (ECDiffieHellmanCng bob = new ECDiffieHellmanCng())
            {
    
                bob.KeyDerivationFunction = ECDiffieHellmanKeyDerivationFunction.Hash;
                bob.HashAlgorithm = CngAlgorithm.Sha256;
                bobPublicKey = bob.PublicKey.ToByteArray();
                bobKey = bob.DeriveKeyMaterial(CngKey.Import(Alice.alicePublicKey, CngKeyBlobFormat.EccPublicBlob));
    
            }
        }
    
        public void Receive(byte[] encryptedMessage, byte[] iv)
        {
    
            using (Aes aes = new AesCryptoServiceProvider())
            {
                aes.Key = bobKey;
                aes.IV = iv;
                // Decrypt the message 
                using (MemoryStream plaintext = new MemoryStream())
                {
                    using (CryptoStream cs = new CryptoStream(plaintext, aes.CreateDecryptor(), CryptoStreamMode.Write))
                    {
                        cs.Write(encryptedMessage, 0, encryptedMessage.Length);
                        cs.Close();
                        string message = Encoding.UTF8.GetString(plaintext.ToArray());
                        Console.WriteLine(message);
                    }
                }
            }
        }
    
    }
    
    0 讨论(0)
  • 2021-02-07 09:44

    Check out the Bouncy Castle library for C#, it has ECDH and ECDSA.

    0 讨论(0)
  • The .NET Framework already includes Diffie-Hellman, which is an elliptic curve crypto algorithm. Look under System.Security.Cryptography.ECDiffieHellmanCng.

    0 讨论(0)
提交回复
热议问题