ECDH

ECDH#

The ECDH class implements the Elliptic Curve Diffie-Hellman key exchange protocol, which allows two parties to securely exchange cryptographic keys over an insecure channel. This protocol is based on elliptic curve cryptography (ECC), which offers the same security as traditional Diffie-Hellman but with smaller key sizes.

class ECDH#

Creates a new ECDH instance.

Parameters:

  • curve (str) – The elliptic curve to use for the key exchange. Default is ‘secp256k1’.

  • force (bool) – Argument to force computations with higher orders of numbers, irrespective of resultant performance.

Introduction#

The Elliptic Curve Diffie-Hellman (ECDH) protocol is a variant of the traditional Diffie-Hellman key exchange that uses elliptic curve mathematics for better security with smaller key sizes. ECDH allows two parties to exchange a shared secret over an insecure channel, and this secret can then be used for symmetric encryption (e.g., AES) or other cryptographic tasks. The security of ECDH relies on the difficulty of the elliptic curve discrete logarithm problem.

Mathematical Details#

The ECDH key exchange process involves the following steps:

  1. Agree on an elliptic curve: Both parties agree on a common elliptic curve and base point \(G\) (the generator point). The curve and base point do not need to be secret.

  2. Generate private keys: Each party generates a private key, \(a\) for Alice and \(b\) for Bob. These private keys are kept secret.

  3. Compute public keys: Each party computes their corresponding public key using the elliptic curve scalar multiplication: - Alice computes \(A = a \cdot G\) - Bob computes \(B = b \cdot G\)

  4. Exchange public keys: Alice and Bob exchange their public keys, \(A\) and \(B\).

  5. Compute the shared secret: After receiving each other’s public key, both parties compute the shared secret by performing elliptic curve scalar multiplication: - Alice computes \(S = a \cdot B\) - Bob computes \(S = b \cdot A\)

Both computations result in the same shared secret \(S\), which can be used for further cryptographic operations.

Usage#

# Example usage of ECDH to generate shared secret
from cryptosystems import ECDH
ecdh = ECDH() # Default curve 'P-256'
public_key_1, private_key_1 = ecdh.generate_keys()  # Generate ECDH keys
# Get other individual's public key
shared_secret = ecdh.generate_keys(public_key_2, private_key_1) # 1234567890

# Example usage of ECDH to generate shared secret
from cryptosystems import ECDH
ecdh = ECDH() # Default curve 'P-256'
public_key_2, private_key_2 = ecdh.generate_keys()  # Generate ECDH keys
# Get other individual's public key
shared_secret = ecdh.generate_keys(public_key_1, private_key_2) # 1234567890

Methods#

generate_keys() tuple#

Generates a new ECC key pair, in the form \((A, a)\), where \(A\) is the public key and \(a\) is the private key.

Returns:

A tuple containing the private key and the public key.

Return type:

tuple

get_shared_secret(a: int, B: tuple) int#

Computes the shared secret between two parties, given their private key \(a\) and the other party’s public key \(B\).

Parameters:

  • private_key (int) – The private key of the party computing the shared secret.

  • public_key (tuple) – The public key of the other party.

Returns:

The computed shared secret.

Return type:

int