Score:1

Symmetric key generation for ECDH

st flag

Trying to implement a mechanism for one way transmission of encrypted string values using ECC.

  • Assume there is a fixed secret unavailable private key FPK, and public key FP for it is available to the application.
  • As user enters a value, a new private key is generated, then shared key is produced from exchanging it from FP. Resulting sharing key is different every time.
  • Symmetric encryption key DSK is derived from shared key using KDF (Scrypt or HKDF).

Possible option is to follow the ECDH hybrid scheme as described here

enter image description here

Is there any advantage of generating additional random symmetric key RK here to encrypt the value, then encrypt RK with DSK (and pay additional transmission overhead), or it is safe enough to just use DSK directly for symmetric encryption of the value?

kelalaka avatar
in flag
Does this answer your question? [Hashing the points is important for security of the composition of ECDH with another cryptosystem.](https://crypto.stackexchange.com/questions/30367/ecdh-security-when-no-kdf-is-used). Why do you need to generate new randomness if you already had randomness from ECDH? Then what is the aim of ECDH?
st flag
Edited the question for clarity, KDF is being used in both cases.
Score:1
es flag

The image you've included in your answer (which is also from the web page you've provided) is, confusingly, different to the "ECC-based hybrid encryption scheme" that is then described on that web page.

The diagram seems to be showing that a symmetric key is used to encrypt a file, and then that symmetric key is encrypted using a "user public key" and stored alongside the encrypted file.

However, what is described in text in the web page as "ECC-based hybrid encryption scheme" simply creates an ephemeral encryption key-pair, performs an ECDH exchange and then derives the symmetric encryption key from the ECDH shared-secret.

Your question is whether the latter method is safe. Yes, it is safe, and their implementation looks sound to me.

Score:0
va flag

Encrypting data with symmetric key and then encrypting symmetric with receiver's public key provides, authentication, message confidentiality, and secret key secrecy. However, if data is directly encrypted with receiver's public key then it will not provide authentication since public key is public and any malicious party can encrypt data with public key.

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.