The core of the security you are using to access this page is probably provided with Elliptic Curve Cryptography (ECC), and where the session key is created through ECDH (Elliptic Curve Diffie Hellman). While there are a number of curves we can use, such as NIST P-256, Curve 25519 (as used in Tor) and Secp256k1 (as used with Bitcoin), there are some doubts about their security and their performance. And so Microsoft Research has produced the FourQ curve and which has 128-bit security. It is open source and runs efficiently on a number of platforms. If you are interested the prime number used is the Mersenne prime of 2127-1. In tests, the Microsoft team showed that FourQ was four or five times faster than the NIST P-256 curve, and two or three times faster than Curve 25519. As so we turn to the wonderful Cloudflare, and their Circl library.
ECDH with FourQ using Go |
ECDH and FourQ
The core of the security you are using to access this page is probably provided with Elliptic Curve Cryptography (ECC), and where the session key is created through ECDH (Elliptic Curve Diffie Hellman). While there are a number of curves we can use, such as NIST P-256, Curve 25519 (as used in Tor) and Secp256k1 (as used with Bitcoin), there are some doubts about their security and their performance. And so Microsoft Research has produced the FourQ curve and which has 128-bit security. It is open source and runs efficiently on a number of platforms. If you are interested the prime number used is the Mersenne prime of 2127-1. In tests, the Microsoft team showed that FourQ was four or five times faster than the NIST P-256 curve, and two or three times faster than Curve 25519. As so we turn to the wonderful Cloudflare, and their Circl library.
With this, Alice produces her private key (a), and Bob produces his private key (b). We select a point on the elliptic curve (G), and Alice passes aG to Bob, and Bob passes bG to Alice. The shared key is then abG, and which is a point on the elliptic curve. The y coordinate of this point has 32 bytes and is the shared secret.
The curve uses a twisted Edwards equation:
\(-x^{2}+y^{2}=1+dx^{2}y^{2} \)
\(d\) is a non-square in \(\mathbb {F} _{p^{2}}\), and with a Mersenne prime of \(2^{127}-1\).
Coding
So here is a basic Go program to implement:
package main import ( "crypto/rand" "fmt" "io" "encoding/hex" "github.com/cloudflare/circl/ecc/fourq" ) // 32 byte keys used const Size = 32 // type Key [Size]byte // From secret s, calculate public key (public=aG) func KeyGen(public, s *Key) { var P fourq.Point P.ScalarBaseMult((*[32]byte)(s)) P.Marshal((*[Size]byte)(public)) } func Shared(shared, secret, public *Key) bool { var P, Q fourq.Point ok := P.Unmarshal((*[Size]byte)(public)) Q.ScalarMult((*[Size]byte)(secret), &P) Q.Marshal((*[Size]byte)(shared)) ok = ok && Q.IsOnCurve() return ok } func main() { var AliceSecret, BobSecret, AlicePublic, BobPublic, AliceShared, BobShared Key // Generate Alice's private key and public key _, _ = io.ReadFull(rand.Reader, AliceSecret[:32]) KeyGen(&AlicePublic, &AliceSecret) // Generate Bob's private key and public key _, _ = io.ReadFull(rand.Reader, BobSecret[:]) KeyGen(&BobPublic, &BobSecret) fmt.Println("Fourq key sharing") fmt.Println("Alice Secret: ", hex.EncodeToString(AliceSecret[:32])) fmt.Println("Alice Public: ",hex.EncodeToString(AlicePublic[:32])) fmt.Println("\n\nBob Secret: ", hex.EncodeToString(BobSecret[:32])) fmt.Println("Bob Public: ",hex.EncodeToString(BobPublic[:32])) // Determine shared keys Shared(&AliceShared, &AliceSecret, &BobPublic) Shared(&BobShared, &BobSecret, &AlicePublic) fmt.Println("\n\nBob Shared:\t", hex.EncodeToString( BobShared[:32] )) fmt.Println("Alice Shared:\t", hex.EncodeToString( AliceShared[:32] )) }
A sample run is:
Fourq key sharing Alice Secret: 75d2d9e01803c7b5592e3d3ede619baa5fab07fad174152473258b0d77870da2 Alice Public: 2ab11d91240622615d81c14d7050b2295c64d114082b67060cdbb0323749e385 Bob Secret: 6e285734b93bc04988a385ba9606051e8fbe07e401ee27c125bc722a738470aa Bob Public: b71ce91b40b6f525ed514dd8f20d17694dc81aca8dd9128bffd98ce329a4e119 Bob Shared: 05ddc91f81cf2d17e4e2bcd0bacb587605eeeeaa2a482e91ef5dd731300b0594 Alice Shared: 05ddc91f81cf2d17e4e2bcd0bacb587605eeeeaa2a482e91ef5dd731300b0594