Practical Cryptography for Developers
ECIES Hybrid Encryption Scheme

Last updated 5 years ago

A hybrid encryption scheme similar to the code demonstrated in the previous section is standardized under the name Elliptic Curve Integrated Encryption Scheme (ECIES) in several crypto standards, including SECG SEC-1, ISO/IEC 18033-2, IEEE 1363a and ANSI X9.63. ECIES is a public-key authenticated encryption scheme: it works much like the earlier code examples, but uses a KDF (key-derivation function) to derive a separate MAC key and symmetric encryption key from the ECDH shared secret. "Authenticated" here means that the recipient can detect any tampering with the ciphertext; it does not authenticate the sender, because the sender's key pair is ephemeral and anyone who knows the recipient's public key can produce a valid ciphertext. ECIES has many variants.

The ECIES standard combines ECC-based asymmetric cryptography with symmetric ciphers to provide data encryption under the recipient's EC public key and decryption with the corresponding EC private key. The ECIES encryption scheme uses ECC cryptography (public key cryptosystem) + a key-derivation function (KDF) + a symmetric encryption algorithm + a MAC algorithm, combined as shown in the figure below:

The input of ECIES encryption consists of the recipient's public key + the plaintext message. The output consists of the sender's ephemeral public key (the "ciphertext public key") + the encrypted message (ciphertext + symmetric algorithm parameters such as the nonce / IV) + the authentication tag (MAC code):

  • ECIES-encrypt(recipientPublicKey, plaintextMessage) ➔ { cipherTextPublicKey, encryptedMessage, authTag }

ECIES decryption takes the output of the encryption + the recipient's private key and produces the original plaintext message, or fails with an integrity / authentication error if anything in the input was modified:

  • ECIES-decrypt(cipherTextPublicKey, encryptedMessage, authTag, recipientPrivateKey) ➔ plaintextMessage

The ECIES encryption scheme is a framework, not a concrete algorithm. It is instantiated by plugging in concrete components, e.g. the secp256k1 or P-521 elliptic curve for the public-key calculations + a hash-based KDF such as the ANSI X9.63 KDF or HKDF to derive keys from the shared secret + AES-CTR, AES-GCM or ChaCha20-Poly1305 as the symmetric cipher + HMAC-SHA512 (or a similar MAC) for the authentication tag. Two caveats apply when choosing the components. First, password-hashing functions such as PBKDF2 or Scrypt are sometimes plugged in as the KDF, but they are unnecessary here: the ECDH shared secret already has full entropy, so there is no low-entropy password to protect by slowing the KDF down, and the standards above specify plain hash-based KDFs. Second, a separate MAC is only needed when the symmetric cipher is itself unauthenticated (e.g. AES-CTR); with an AEAD cipher such as AES-GCM or ChaCha20-Poly1305 the cipher's own tag plays that role. In either case the ephemeral public key (and any associated data) should be bound into the KDF input or the MAC, and the recipient must check that the received ephemeral point actually lies on the curve before feeding it into the ECDH computation.
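The encrypt / decrypt interface above and the component list, as an added worked example (this is not the book's code, nor the example promised for the next section): a minimal SEC-1 style ECIES over secp256k1 built only from Python's standard library. It assumes the following substitutions, chosen so the block runs with no third-party packages: the curve arithmetic is a small affine double-and-add implementation (not constant-time, demonstration only); the KDF is the ANSI X9.63 KDF with SHA-256; the symmetric cipher is an HMAC-SHA256 counter-mode keystream standing in for AES-CTR, which the standard library lacks; and the MAC is HMAC-SHA256 over nonce, ciphertext and shared info. The function names (`ecies_encrypt`, `ecies_decrypt`, `x963_kdf`, `stream_xor`) and the optional `shared_info` parameter are this example's own.

```python
import hashlib
import hmac
import secrets

# secp256k1 domain parameters: field prime, group order, base point.
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def ec_add(p1, p2):
    """Affine point addition on y^2 = x^3 + 7; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None                                # Q + (-Q) = O
    if p1 == p2:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def ec_mul(k, point):
    """Double-and-add scalar multiplication (not constant-time: demo only)."""
    result = None
    while k:
        if k & 1:
            result = ec_add(result, point)
        point = ec_add(point, point)
        k >>= 1
    return result

def is_valid_public_key(pt):
    """Coordinates in range and on the curve; cofactor 1 means no subgroup check is needed."""
    if pt is None:
        return False
    x, y = pt
    return 0 <= x < P and 0 <= y < P and (y * y - x * x * x - 7) % P == 0

def encode_point(pt):
    return b"\x04" + pt[0].to_bytes(32, "big") + pt[1].to_bytes(32, "big")

def decode_point(data):
    if len(data) != 65 or data[0] != 0x04:
        raise ValueError("expected an uncompressed SEC-1 point")
    pt = (int.from_bytes(data[1:33], "big"), int.from_bytes(data[33:], "big"))
    if not is_valid_public_key(pt):
        raise ValueError("point is not on secp256k1")  # blocks invalid-curve attacks
    return pt

def x963_kdf(shared_secret, length, shared_info=b""):
    """ANSI X9.63 KDF: concatenate SHA-256(Z || counter || SharedInfo), counter from 1."""
    out, counter = b"", 1
    while len(out) < length:
        out += hashlib.sha256(shared_secret + counter.to_bytes(4, "big") + shared_info).digest()
        counter += 1
    return out[:length]

def stream_xor(key, nonce, data):
    """Counter-mode keystream from HMAC-SHA256 (assumed stand-in for AES-CTR); encrypt == decrypt."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, nonce + (i // 32).to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def generate_keypair():
    priv = secrets.randbelow(N - 1) + 1
    return priv, ec_mul(priv, G)

def ecies_encrypt(recipient_pub, plaintext, shared_info=b""):
    """ECIES-encrypt(recipientPublicKey, plaintextMessage) -> (cipherTextPublicKey, nonce || ciphertext, authTag)."""
    if not is_valid_public_key(recipient_pub):
        raise ValueError("invalid recipient public key")
    r = secrets.randbelow(N - 1) + 1                      # fresh ephemeral scalar per message
    r_bytes = encode_point(ec_mul(r, G))                  # ephemeral (ciphertext) public key
    z = ec_mul(r, recipient_pub)[0].to_bytes(32, "big")  # ECDH shared secret: x-coordinate
    keys = x963_kdf(z, 64, r_bytes + shared_info)         # bind the ephemeral key into the KDF
    enc_key, mac_key = keys[:32], keys[32:]
    nonce = secrets.token_bytes(16)
    ciphertext = stream_xor(enc_key, nonce, plaintext)
    tag = hmac.new(mac_key, nonce + ciphertext + shared_info, hashlib.sha256).digest()
    return r_bytes, nonce + ciphertext, tag

def ecies_decrypt(r_bytes, encrypted, tag, recipient_priv, shared_info=b""):
    """ECIES-decrypt(cipherTextPublicKey, encryptedMessage, authTag, recipientPrivateKey) -> plaintext or ValueError."""
    ephemeral = decode_point(r_bytes)
    z = ec_mul(recipient_priv, ephemeral)[0].to_bytes(32, "big")
    keys = x963_kdf(z, 64, r_bytes + shared_info)
    enc_key, mac_key = keys[:32], keys[32:]
    nonce, ciphertext = encrypted[:16], encrypted[16:]
    expected = hmac.new(mac_key, nonce + ciphertext + shared_info, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):            # verify the tag before decrypting
        raise ValueError("ECIES: authentication tag mismatch")
    return stream_xor(enc_key, nonce, ciphertext)

if __name__ == "__main__":
    priv, pub = generate_keypair()
    ct_pub, enc_msg, auth_tag = ecies_encrypt(pub, b"attack at dawn", b"demo context")
    print(ecies_decrypt(ct_pub, enc_msg, auth_tag, priv, b"demo context"))
```

Two details are worth noticing. The encoded ephemeral public key is fed into the KDF, so an attacker who swaps it for another point cannot keep the derived keys, and `decode_point` rejects any 65-byte string that is not a point on the curve before it reaches the ECDH multiplication. Swapping in an AEAD such as AES-GCM for `stream_xor` would let you drop the HMAC and the separate MAC key, as described above.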

In the next section we shall demonstrate through a code example how to use ECIES in practice.

Standards that specify ECIES:

  • SECG SEC-1
  • ISO/IEC 18033-2
  • IEEE 1363a
  • ANSI X9.63