kokke / tiny-ECDH-c

Small portable Elliptic-Curve Diffie-Hellman in C
The Unlicense

Exchanging the key and encrypting data #4

Closed 22karthik closed 6 years ago

22karthik commented 6 years ago

Hi @kokke, I am using ECDH to exchange the keys and AES-128, 192, 256 for data encryption (your previous implementation). For this to happen I need to exchange the specific length keys. Can your ECDH implementation generate 128, 192 or 256 bit length keys?

kokke commented 6 years ago

Hi @22karthik - happy to hear you like this project as well

> Can your ECDH implementation generate 128,192 or 256 bit length keys.

No. The key lengths are 163, 233, 283, 409 or 571 bits.

The keys are defined by the underlying fields chosen by the standards. See:

http://www.secg.org/sec2-v2.pdf

http://csrc.nist.gov/publications/fips/fips186-3/fips_186-3.pdf

You can exchange a shared secret larger than the key you need to exchange and then truncate or hash the data.

22karthik commented 6 years ago

Thanks @kokke

kokke commented 6 years ago

You are welcome :)

Closing the issue.

22karthik commented 6 years ago

Hi @kokke, what is the public and private key length in the implementation? I see in the macro, the public key is 42 bytes and the private key is 21 bytes, but when I print the public key length it is 21 bytes. Let me know if I am wrong. I am confused a bit.

22karthik commented 6 years ago

The private key: 0100000026675e49726b53e499550999be39476002

The public key : 556295c4e6ca697a8d82bfccdad222ca2aa2a35d02

This is my public and private key, but I am not able to compute the shared secret.

22karthik commented 6 years ago

After the function `ecdh_generate_keys(public_key,private_key);` if I print the length of the public key using strlen, `printf("the public key size is:%d\n",strlen(public_key));`, it prints the size as 21. Is this correct?

kokke commented 6 years ago

strlen counts how many bytes are in a buffer before encountering 0x00 / zero- / null-termination.

You can't use strlen to determine the length of anything other than a null-terminated string.
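An added example illustrating the point above; it is not part of the original comment or of the tiny-ECDH-c project. It uses the 42-byte public key posted later in this thread, whose first 0x00 byte sits at offset 21; the helper names `first_zero_offset` and `hex_encode` and the `PUB_KEY_SIZE` macro are assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PUB_KEY_SIZE 42 /* public key size reported in this thread */

/* The 42-byte public key posted later in this thread. */
static const uint8_t puba[PUB_KEY_SIZE] = {
  0x55,0x62,0x95,0xc4,0xe6,0xca,0x69,0x7a,0x8d,0x82,0xbf,0xcc,0xda,0xd2,
  0x22,0xca,0x2a,0xa2,0xa3,0x5d,0x02,0x00,0x00,0x00,0xb5,0x58,0xd9,0x07,
  0x81,0x35,0xb5,0x19,0xdd,0x1a,0xfe,0x4a,0x0f,0xa2,0x83,0xb6,0x5d,0xc1
};

/* What strlen() effectively measures: the offset of the first 0x00 byte.
   Bounded by len, so unlike strlen() it never reads past the buffer. */
size_t first_zero_offset(const uint8_t *buf, size_t len)
{
  const uint8_t *z = memchr(buf, 0x00, len);
  return z ? (size_t)(z - buf) : len;
}

/* Hex-encode exactly len bytes, zero bytes included.
   Returns the number of characters written, or 0 if out is too small. */
size_t hex_encode(const uint8_t *buf, size_t len, char *out, size_t out_size)
{
  static const char digits[] = "0123456789abcdef";
  size_t i;
  if (out_size < 2 * len + 1)
    return 0;
  for (i = 0; i < len; ++i) {
    out[2 * i]     = digits[buf[i] >> 4];
    out[2 * i + 1] = digits[buf[i] & 0x0f];
  }
  out[2 * len] = '\0';
  return 2 * len;
}

int main(void)
{
  char hex[2 * PUB_KEY_SIZE + 1];
  printf("bytes before first 0x00: %zu\n", first_zero_offset(puba, sizeof puba));
  printf("real key size:           %zu\n", sizeof puba);
  if (hex_encode(puba, sizeof puba, hex, sizeof hex))
    printf("full key: %s\n", hex);
  return 0;
}
```

The length of a key buffer comes from its declared size (`sizeof` on the array, or the library's size macro), and every copy, print or transmit of the key has to use that length.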

22karthik commented 6 years ago

I am sorry Kokke, I am not familiar with C language. I will correct the mistake.

Let me know if there is a possibility to configure in the program and reduce the key length. I need to reduce the key size for computation across the network. I need a smaller key size for transmission.

kokke commented 6 years ago

Hi @22karthik

You can choose a key size from 163 bits to 571 bits - if the key gets any smaller than 163 bits, the security suffers.

22karthik commented 6 years ago

Thank you kokke, I have resolved the problem.

22karthik commented 6 years ago

```c
uint8_t puba[42]={0x55,0x62,0x95,0xc4,0xe6,0xca,0x69,0x7a,0x8d,0x82,0xbf,0xcc,0xda,0xd2,0x22,0xca,0x2a,0xa2,0xa3,0x5d,0x02,0x00,0x00,0x00,0xb5,0x58,0xd9,0x07,0x81,0x35,0xb5,0x19,0xdd,0x1a,0xfe,0x4a,0x0f,0xa2,0x83,0xb6,0x5d,0xc1};

for (i = 0; i < ECC_PRV_KEY_SIZE; ++i)
{
    prvb[i] = prng_next();
}
ecdh_shared_secret(prvb, puba, secb);

printf("The shared secret between a and b:from a\n");

for (i = 0; i <ECC_PUB_KEY_SIZE ; ++i)
    printf("%.2x", secb[i]);
printf("\n");
```

22karthik commented 6 years ago

Hi @kokke, this is the code snippet. I receive the public key externally, so for demonstration purposes I have hardcoded the public key. So, the problem is when I print the shared secret (secb) only 0x00 is printed.

22karthik commented 6 years ago

```c
#include <stdio.h>
#include <stdlib.h>
#include "ecdh.h"

/* pseudo random number generator with 128 bit internal state... probably not suited for cryptographical usage */
typedef struct
{
  uint32_t a;
  uint32_t b;
  uint32_t c;
  uint32_t d;
} prng_t;

static prng_t prng_ctx;

static uint32_t prng_rotate(uint32_t x, uint32_t k)
{
  return (x << k) | (x >> (32 - k));
}

static uint32_t prng_next(void)
{
  uint32_t e = prng_ctx.a - prng_rotate(prng_ctx.b, 27);
  prng_ctx.a = prng_ctx.b ^ prng_rotate(prng_ctx.c, 17);
  prng_ctx.b = prng_ctx.c + prng_ctx.d;
  prng_ctx.c = prng_ctx.d + e;
  prng_ctx.d = e + prng_ctx.a;

  return prng_ctx.d;
}

static void prng_init(uint32_t seed)
{
  uint32_t i;
  prng_ctx.a = 0xf1ea5eed;
  prng_ctx.b = prng_ctx.c = prng_ctx.d = seed;

  for (i = 0; i < 31; ++i)
  {
    (void) prng_next();
  }
}

static void ecdh_demo(void)
{
  static uint8_t secb[ECC_PUB_KEY_SIZE];

  static uint8_t puba[ECC_PUB_KEY_SIZE]={0x55,0x62,0x95,0xc4,0xe6,0xca,0x69,0x7a,0x8d,0x82,0xbf,0xcc,0xda,0xd2,0x22,0xca,0x2a,0xa2,0xa3,0x5d,0x02,0x00,0x00,0x00,0xb5,0x58,0xd9,0x07,0x81,0x35,0xb5,0x19,0xdd,0x1a,0xfe,0x4a,0x0f,0xa2,0x83,0xb6,0x5d,0xc1};
  static uint8_t prvb[ECC_PRV_KEY_SIZE]={0x2f,0x46,0x53,0xb8,0x26,0x67,0x5e,0x49,0x72,0x6b,0x53,0xe4,0x99,0x55,0x09,0x99,0xbe,0x39,0x47,0x60,0x02};

  ecdh_shared_secret(prvb, puba, secb);

  printf("The shared secret between bob and alice:from bob\n");

  for (int i = 0; i <ECC_PUB_KEY_SIZE ; ++i)
    printf("%.2x", secb[i]);
  printf("\n");
}

int main(int argc, char* argv[])
{
  int i;
  int ncycles = 1;

  //setup();

  if (argc > 1)
  {
    ncycles = atoi(argv[1]);
  }

  for (i = 0; i < ncycles; ++i)
  {
    ecdh_demo();
  }

  return 0;
}
```

22karthik commented 6 years ago

I am calling the ecdh_demo only once but the shared secret is always 0

kokke commented 6 years ago

@22karthik - Do you think these problems you are having are bugs or issues with the library?

If not, they don't belong in the issues section.

We have had this discussion before in my AES project, where you have opened four issues with content similar to this: https://github.com/kokke/tiny-AES-c/issues?q=author%3A22karthik

Please seek help on Stackoverflow.com or somewhere else instead of opening issues in my github projects.

How many times must I tell you to stop? This is your final warning.

22karthik commented 6 years ago

@kokke I am sorry, this is not an issue with your library. But I thought if you had an idea why this happens. Anyway, I am really sorry about that.

r-lyeh commented 6 years ago

secb is likely 0 because `ecdh_shared_secret(prvb, puba, secb);` failed to fill the data in. Enclose the call in an assert() like the example is showcasing. You should just use a debugger instead and inspect what the code is doing.

22karthik commented 6 years ago

Hi Thanks