Re: Encrypting to a public key?

[Schanzenbach, Martin]

Hi,

we use ECDSA keys. As you correctly state, ECDSA is only used for signing.
There are some approaches to encryption using ECC, such as ECIES, but more 
commonly you
use the ECDSA keys to derive a symmetric encryption key.
Basically, you use ephemeral ECDH to do that:

Let us say you encrypt for bob (public key: P_bob)

1. Generate a new ephemeral ECDH key pair (d,P) where P is the public key.
2. Calculate ECDH (d, P_bob) => x // x is your seed for a symmetric AES key
3. Encrypt your data using HKDF(x) // HKDF is a key derivation function
4. Transfer Enc(x, DATA) and P to bob
5. Bob calculates ECDH (d_Bob, P) => x
6. Bob decrypts using HKDF(x)

See the relevant functions for all of this in include/gnunet_crypto_lib.h


BR

> On 6. Jul 2020, at 20:28, Cy <fromgnunet@cy1.allowed.org> wrote:
> 
> How do I encrypt something to a public key? I was going to make an "Ecdsa" 
> key and
> encrypt stuff to that, but it says to only use those for signatures, never 
> for encryption.
> I've never heard of an asymmetric encryption algorithm that was only good for 
> signatures,
> but I guess that's the case here? There is something called "paillier" that 
> says it can
> encrypt, but there's no documentation on it outside of the word "paillier" 
> and I've never
> heard of that algorithm before. It also requires I know something called "the 
> number of
> homomorphic ops" and I have no clue what those are.
>

signature.asc
Description: Message signed with OpenPGP