使用ECDH与ECIES进行密钥交换 [英] Key exchange using ECDH vs ECIES

问题描述

我是ECC加密编程的初学者.有谁能通过接收方的公共密钥对共享密钥进行加密，从而向我解释使用ECDH进行共享密钥交换和使用ECIES的区别吗?我感觉只要私钥是秘密的，ECIES也可以为我提供安全的密钥交换.谢谢.

I'm a beginner to ECC crypto programming. Does any one explain to me the difference with using ECDH for shared key exchange and use of ECIES by encrypting shared key with the public key of the receiver ? I'm feeling that ECIES could also provide me secure key exchange as long as the private key is kept secret. Thank you.

推荐答案

ECDH是共享的秘密派生协议.两方使用他们自己的私钥"和伙伴的公钥"知识来生成共享机密.通常，私钥是用于密钥协商的随机数，然后被丢弃.

ECDH is a shared-secret derivation protocol. Two parties use knowledge of their own "private key" and their partner's "public key" to generate a shared secret. Generally the private keys are random numbers used for the key negotiation, and then discarded.

ECIES使用与ECDH相同的方案来生成共享机密"，其中私钥"之一是随机数，并且其相应的公钥包含在消息本身中.这意味着共享密钥只能由具有其他私钥的人派生.然后，使用共享机密作为密钥，使用AES等其他方案对消息本身进行加密.

ECIES uses the same scheme as ECDH to generate a "shared secret", where one of the "private keys" is a random number, and its corresponding public key is included in the message itself. This means that the shared secret is derivable only by the person with the other private key. The message itself is then encrypted with some other scheme like AES, using the shared secret as the key.

如果您要进行密钥协商，那么ECDH是解决之道.(必须注意:当然，您不应该为生产系统使用自己的加密货币，而应该使用TLS.)

If you're doing key negotiation, ECDH is the way to go. (Mandatory note: Of course, you shouldn't roll your own crypto for a production system, just use TLS.)

这篇关于使用ECDH与ECIES进行密钥交换的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！