-
Notifications
You must be signed in to change notification settings - Fork 64
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Shared secret byte size #9
Comments
Hi @nguterresn and thanks for checking out my library :) From the top of my head: The private key is a scalar (an integer number) whereas the public key is a point (two scalars for x- and y-coordinate). The shared secret is a point, which is therefore the same size as the public key (twice the size of the private key). |
By the name of the curve, I thought the number 163 was the size of the output key. I'm really confused about this because I'm trying to establish a shared key with another device and the shared key, even tho it is the same curve, doesn't match. Plus, when I compute the public key and send it, it's not recognized as being from the same curve as the destination curve. I hope you can help and thanks for your time. :) |
163 here is the size of the Galois field used. GF(2^m) where m = 163. There are several ways to store the keys. Using point-compression, the shared secret can be compressed to around half size, which could explain what you've seen. If you are inter-operating with other libraries, please ensure the format of the exchanged parameters are compatible (endianness, is point-compression used etc.). See more here: http://www.secg.org/sec2-v2.pdf |
Thanks for the explaining, appreciate it. The other device is returning a public key with 43 bytes, because of that 1 byte reserved for format info(In this case, I already converted little endian to big endian public key, but it is still not recognized as being from the same curve. EDIT: By saying;
I mean, its what showed up when compiled. |
Can I see the source code of the other ECDH library you're using? |
I haven't been able to find another library that supported the same curves, so I haven't made any compliance testing against other libraries. |
The library is: Node.js crypto |
By the way, how can you test the vectors? k, x, and y replace which variable? |
k is a constant, x and y are the coordinates for the base point P. |
Closing the issue. Feel free to re-open if you feel you didn't get the answers you expected :) |
Hello, I'm using this library to create a shared secret using 'sect163k1' elliptic curve.
At the end of the
ecdh_example.c
I noticed the shared secret hasECC_PUB_KEY_SIZE
byte size.Shouldn't it be
ECC_PRV_KEY_SIZE
? I'm not saying it's wrong, just trying to understand the code.Thanks in advance!
The text was updated successfully, but these errors were encountered: