Thanks! The example is very helpful. I only had a vague idea about how ECC worked, since we went over it really quickly at the end of the security course I took. As to the level of security provided, I read that effective security level is about half of the size of the prime. So if I'm using ASN1::secp256r1(), the effective security is 128. Does that sound right? (I noticed the concerns over Koblitz curves as well).
On Saturday, December 22, 2012 5:11:27 AM UTC-6, Jeffrey Walton wrote: > > > > On Dec 21, 10:58 pm, "Andrew B." <[email protected]> wrote: > > Thanks for the info. I've been going through the ecctest.zip example at > > the bottom ofhttp://www.cryptopp.com/wiki/Elliptic_Curve_Cryptography > > > > I need to do something pretty similar for sending packets containing > > encrypted values in a simulation. But I couldn't find anywhere where > the > > key size was specified. It needs to be reasonably secure for the > > simulation to be accurate, of course, and I was trying to find out of > there > > was a way to have fixed sizes for the ciphertexts. > A quick and dirty sample was added at > > http://www.cryptopp.com/wiki/Elliptic_Curve_Integrated_Encryption_Scheme#Sample_Code. > > > > Printing the private key was more trouble than I expected. There was > no simple Element = GetBase() (for the base point); nor was there a > simple Element = GetPublicElement() (I just did the exponentiation (or > multiplication, if you prefer)). > > // Base (odd way to retrieve) > const ECPPoint& base = bpc.GetBase(params.GetGroupPrecomputation()); > // Public Key (just do the exponentiation) > const ECPPoint point = > bpc.Exponentiate(params.GetGroupPrecomputation(), > key.GetPrivateExponent()); > > Also, something looks broken here: > > // This crashes due to NotImplemented exception, but it should work. > We are trying to generate a key, > // and the call is being made on a DL_PrivateKeyImpl<...>. > NotImplemented is thrown > // when generating curves since Crypto++ does not do it (point > counting is tricky business). > // > http://sourceforge.net/tracker/?func=detail&aid=3598113&group_id=6152&atid=356152 > > //ECIES<ECP>::Decryptor decryptor; > // > decryptor.AccessKey().AccessGroupParameters().Initialize(ASN1::secp256r1()); > > //decryptor.AccessKey().GenerateRandom(prng, g_nullNameValuePairs); > > Jeff > > > On Friday, December 21, 2012 7:03:00 PM UTC-6, Jeffrey Walton wrote: > > > > > On Dec 20, 5:58 pm, "Andrew B." <[email protected]> wrote: > > > > What is the default key size for ECIES keys? I'm following the > ecctest > > > > example from the wiki, which doesn't specify a key size anywhere, > and I > > > > can't find any information about a default value or a function for > > > finding > > > > the size of a key. > > > ECIES is part of a family of encryption systems based on Diffie- > > > Hellman called DHAES. Abdalla, Bellare, and Rogaway's paper: > > >http://www.cs.ucdavis.edu/research/tech-reports/1998/CSE-98-13.pdf. > > > > > The ECIES structure is declared in eccrypto.h ( > http://www.cryptopp.com/ > > > docs/ref/struct_e_c_i_e_s.html< > http://www.cryptopp.com/docs/ref/struct_e_c_i_e_s.html>). > > > Comments in the header indicate the > > > best security and efficiency is obtained with > > > IncompatibleCofactorMultiplication and DHAES_MODE = true. > > > > > To see how the library uses ECIES, take a look at validat2.cpp, > > > ValidateECP() and ValidateEC2N(): > > > > > ECIES<ECP>::Decryptor cpriv(GlobalRNG(), ASN1::secp192r1()); > > > ECIES<ECP>::Encryptor cpub(cpriv); > > > .... > > > > > and > > > > > ECIES<EC2N>::Decryptor cpriv(GlobalRNG(), ASN1::sect193r1()); > > > ECIES<EC2N>::Encryptor cpub(cpriv); > > > ... > > > > > I'll try to get an example up on the wiki soon. Its been on my TODO > > > list for too long. > -- You received this message because you are subscribed to the "Crypto++ Users" Google Group. To unsubscribe, send an email to [email protected]. More information about Crypto++ and this group is available at http://www.cryptopp.com.
