Skip to content

Encryption Specification (ECIES)

Jump to bottom Edit New page
Ethan Gordon edited this page Aug 27, 2014 · 1 revision

All Private-Public Key pairs are created with the P256 Elliptic Curve algorithm. Public keys are 65-byte serialized. Byte 1 is 0x04, the next 32 bytes are the X-coordinate, and the next 32 bytes are the Y-coordinate.

Message Encryption

  1. Start with the Recipient’s ECC Public Key and Plaintext

  2. Generate a Random ECC Public-Private Key Pair

  3. Scalar-Multiply the Random Private Key with the Recipient’s Public Key to generate the Encryption Public Key

  4. Take the SHA-512 Hash of the serialized Encryption Public Key

  5. Use the first 32-bytes of the hash as the AES-256 encryption key for the Plaintext to generate the Ciphertext

  6. Use the last 32-bytes of the hash as the HMAC/SHA-256 key of the Plaintext to generate the HMAC

  7. Return the AES-256 IV, the Random Public Key, the Ciphertext, and the HMAC as the combined encrypted message.

Message Decryption

  1. Start with the AES-256 IV, the Random Public Key, the Ciphertext, the HMAC, and the Recipient’s Private Key.

  2. Scalar-Multiply the Random Public Key and the Recipient’s Private Key to generate the Encryption Public Key

  3. Take the SHA-512 Hash of the serialized Encryption Public Key

  4. Use the last 32-bytes of the hash as the key to validate the HMAC

  5. Use the first 32-bytes of the hash as the AES-256 Decryption key on the Ciphertext and IV to generate the Plaintext

  6. Return the Plaintext as the unencrypted message.

Have questions about EMP? Contact the developers!

Add a custom sidebar
Clone this wiki locally