gnunet-developers

Re: Encrypting to a public key?


From: Schanzenbach, Martin
Subject: Re: Encrypting to a public key?
Date: Mon, 6 Jul 2020 21:07:31 +0200

Oh sorry I forgot to mention: The "Enc" is something like AES.
In GNUnet, this is abstracted through the "symmetric encryption" keys and functions.

> On 6. Jul 2020, at 21:05, Schanzenbach, Martin <mschanzenbach@posteo.de> wrote:
> 
> Hi,
> 
> we use ECDSA keys. As you correctly state, ECDSA is only used for signing.
> There are some approaches to encryption using ECC, such as ECIES, but more
> commonly you use the ECDSA keys to derive a symmetric encryption key.
> Basically, you use ephemeral ECDH to do that:
> 
> Let us say you encrypt for Bob (public key: P_bob)
> 
> 1. Generate a new ephemeral ECDH key pair (d,P) where P is the public key.
> 2. Calculate ECDH (d, P_bob) => x // x is your seed for a symmetric AES key
> 3. Encrypt your data using HKDF(x) // HKDF is a key derivation function
> 4. Transfer Enc(x, DATA) and P to Bob
> 5. Bob calculates ECDH (d_Bob, P) => x
> 6. Bob decrypts using HKDF(x)
> 
> See the relevant functions for all of this in include/gnunet_crypto_lib.h
> 
> 
> BR
> 
>> On 6. Jul 2020, at 20:28, Cy <fromgnunet@cy1.allowed.org> wrote:
>> 
>> How do I encrypt something to a public key? I was going to make an "Ecdsa"
>> key and encrypt stuff to that, but it says to only use those for signatures,
>> never for encryption. I've never heard of an asymmetric encryption algorithm
>> that was only good for signatures, but I guess that's the case here? There is
>> something called "paillier" that says it can encrypt, but there's no
>> documentation on it outside of the word "paillier" and I've never heard of
>> that algorithm before. It also requires I know something called "the number
>> of homomorphic ops" and I have no clue what those are.
>> 
> 

Attachment: signature.asc
Description: Message signed with OpenPGP
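
The six steps from the quoted reply, as an added example that is not part of the original thread and is not GNUnet code. Assumptions: it uses the Python `cryptography` package, models Bob's long-term key as an X25519 key rather than a GNUnet ECDSA key, takes AES-256-GCM as "Enc", and the names `encrypt_to`, `decrypt_from` and `INFO` are hypothetical.

```python
import os

from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric.x25519 import (
    X25519PrivateKey, X25519PublicKey)
from cryptography.hazmat.primitives.ciphers.aead import AESGCM
from cryptography.hazmat.primitives.kdf.hkdf import HKDF
from cryptography.hazmat.primitives.serialization import Encoding, PublicFormat

INFO = b"example: encrypt-to-public-key v1"  # constructed context label


def _raw(pub):
    """Return the 32-byte wire encoding of an X25519 public key."""
    return pub.public_bytes(Encoding.Raw, PublicFormat.Raw)


def _derive_key(x, eph_pub, bob_pub):
    # HKDF turns the raw ECDH output x into a uniform 256-bit AES key.
    # Salting with both public keys binds the key to this one exchange.
    return HKDF(algorithm=hashes.SHA256(), length=32,
                salt=eph_pub + bob_pub, info=INFO).derive(x)


def encrypt_to(bob_pub, data):
    """Sender side, steps 1-4. Returns (P, nonce || ciphertext || tag)."""
    d = X25519PrivateKey.generate()               # 1. ephemeral pair (d, P)
    eph_pub = _raw(d.public_key())
    x = d.exchange(bob_pub)                       # 2. ECDH(d, P_bob) => x
    key = _derive_key(x, eph_pub, _raw(bob_pub))  # 3. key = HKDF(x)
    nonce = os.urandom(12)
    # P is passed as associated data, so swapping it in transit fails the tag.
    ct = nonce + AESGCM(key).encrypt(nonce, data, eph_pub)
    return eph_pub, ct                            # 4. send P and ciphertext


def decrypt_from(bob_priv, eph_pub, ct):
    """Receiver side, steps 5-6. Raises InvalidTag on any modification."""
    peer = X25519PublicKey.from_public_bytes(eph_pub)
    x = bob_priv.exchange(peer)                   # 5. ECDH(d_Bob, P) => x
    key = _derive_key(x, eph_pub, _raw(bob_priv.public_key()))
    return AESGCM(key).decrypt(ct[:12], ct[12:], eph_pub)  # 6. decrypt
```

The ephemeral private key `d` is discarded when `encrypt_to` returns, so the sender cannot decrypt the message later; only the holder of Bob's private key can recompute `x`.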

