@carlj
Last active October 25, 2019 14:55
ECC encryption with Diffie-Hellman key exchange

Generate private keys

openssl ecparam -name sect571r1 -genkey -noout -out alice_priv_key.pem
openssl ecparam -name sect571r1 -genkey -noout -out bob_priv_key.pem

Extract public key

openssl ec -in alice_priv_key.pem -pubout -out alice_pub_key.pem
openssl ec -in bob_priv_key.pem -pubout -out bob_pub_key.pem

Generate shared secret

openssl pkeyutl -derive -inkey alice_priv_key.pem -peerkey bob_pub_key.pem -out alice_shared_secret.bin
openssl pkeyutl -derive -inkey bob_priv_key.pem -peerkey alice_pub_key.pem -out bob_shared_secret.bin

Check shared secret

base64 alice_shared_secret.bin
base64 bob_shared_secret.bin
diff <(base64 alice_shared_secret.bin) <(base64 bob_shared_secret.bin)  

Encrypt file (alice)

openssl enc -aes-256-cbc -base64 -pass file:alice_shared_secret.bin -md sha256 -p -e -in plain.txt -out cipher.txt

Decrypt file (bob)

openssl enc -aes-256-cbc -base64 -pass file:bob_shared_secret.bin -md sha256 -p -d -in cipher.txt -out plain_again.txt

Encrypt file (bob)

openssl enc -aes-256-cbc -base64 -pass file:bob_shared_secret.bin -md sha256 -p -e -in plain.txt -out cipher.txt

Decrypt file (alice)

openssl enc -aes-256-cbc -base64 -pass file:alice_shared_secret.bin -md sha256 -p -d -in cipher.txt -out plain_again.txt
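Added example (not part of the original gist): a Python model of how the `openssl enc -md sha256 -pass file:...` commands above turn the shared-secret file into the AES-256-CBC key and IV that `-p` prints. It shows that a raw binary secret is only used up to its first newline, while a hex digest of the secret is used whole. The sample secrets and salt are constructed, truncation at a NUL byte is an assumption based on C-string handling, and `hex_passphrase` is a hypothetical helper.

```python
import hashlib

def effective_password(secret: bytes) -> bytes:
    """Part of a `-pass file:` source that is used as the password.

    Documented: only the first line counts. Assumption: the line is also cut
    at the first NUL byte, since the tool handles it as a C string.
    """
    for i, b in enumerate(secret):
        if b in (0x00, 0x0A):
            return secret[:i]
    return secret

def evp_bytes_to_key(password: bytes, salt: bytes, key_len=32, iv_len=16):
    """EVP_BytesToKey, SHA-256, one iteration: `enc -md sha256` without -pbkdf2."""
    material, block = b"", b""
    while len(material) < key_len + iv_len:
        block = hashlib.sha256(block + password + salt).digest()
        material += block
    return material[:key_len], material[key_len:key_len + iv_len]

def hex_passphrase(secret: bytes) -> bytes:
    """Hypothetical helper: one printable line covering every secret byte."""
    return hashlib.sha256(secret).hexdigest().encode()

# Constructed sample data, not real key material: two 72-byte "shared secrets"
# (sect571r1 yields 72 bytes) that differ only after an embedded newline.
SECRET_A = bytes([0x05, 0x3C, 0x91, 0x0A]) + bytes(range(68))
SECRET_B = bytes([0x05, 0x3C, 0x91, 0x0A]) + bytes(range(100, 168))
SALT = bytes.fromhex("0102030405060708")  # constructed 8-byte salt

def demo():
    """Return (raw files give same key?, hex digest lines give same key?)."""
    raw_a = evp_bytes_to_key(effective_password(SECRET_A), SALT)
    raw_b = evp_bytes_to_key(effective_password(SECRET_B), SALT)
    safe_a = evp_bytes_to_key(hex_passphrase(SECRET_A), SALT)
    safe_b = evp_bytes_to_key(hex_passphrase(SECRET_B), SALT)
    return raw_a == raw_b, safe_a == safe_b

if __name__ == "__main__":
    same_raw, same_safe = demo()
    print("raw secret file, same AES key for different secrets:", same_raw)
    print("hex digest line, same AES key for different secrets:", same_safe)
```

Both parties truncate the same way, so the round trip in the gist still succeeds; the cost is that the AES key may depend on only a few bytes of the shared secret.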

Source

https://jameshfisher.com/2017/04/14/openssl-ecc/
