TransWikia.com

Has the ECDH protocol been designed just for key exchange or is it widely used for key exchange?

Cryptography Asked by Manish Kaul on October 24, 2021

As far as my understanding of the ECDH goes, after systems are encrypted using ECDH protocol, any data that comes out of the first system will be encrypted and can only be decrypted at the receiving end. Literature says that ECDH is used for the purpose of key exchange (when data is encrypted using symmetric encryption methods like AES) but can I not communicate application data via ECDH (regardless of whether or not I’m further encrypting the data at application layer using something like AES-CTR or DES)?
PS: I’m trying to establish encrypted communication between 2 BLE devices.

One Answer

> As far as my understanding of the ECDH goes, after systems are encrypted using ECDH protocol

Stop right here, you cannot encrypt data using ECDH. ECDH is an algorithm, not a full-fledged transport protocol (or protocol for securing data at rest, for that matter).

> Literature says that ECDH is used for the purpose of key exchange (when data is encrypted using symmetric encryption methods like AES) but can I not communicate application data via ECDH

That's correct. The only thing that is required for ECDH is the public key, and - in specific situations - a nonce. The public key of the sender / receiver is sent to the other party for key agreement. Anything else is outside of the ECDH algorithm, and you cannot use the public key to encrypt data directly.

> PS: I'm trying to establish encrypted communication between 2 BLE devices.

Right, so you need to follow the Bluetooth protocols and ask us crypto-specific questions about it, or ask StackOverflow when it comes to implementation-specific questions. The IT security site can be asked about things like key management and practical security of the protocol.

If you want to encrypt just a specific message you may need to look at (EC)IES which uses ECDH for message-based encryption. Beware that the scheme requires a trusted, static public key though (otherwise you obviously don't know who can decrypt, and you're therefore susceptible to MitM attacks).

Answered by Maarten Bodewes on October 24, 2021
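
The (EC)IES idea from the answer above, as an added Go example that is not part of the original answer or of any Bluetooth stack: ECDH only produces a shared secret, and a symmetric AEAD keyed from that secret does the actual encryption. The curve (P-256), the SHA-256 key derivation, AES-256-GCM and the names `aeadFor`, `Seal` and `Open` are assumptions of this sketch, not the standardized ECIES encoding.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

func aeadFor(priv *ecdh.PrivateKey, peer, eph *ecdh.PublicKey) (cipher.AEAD, error) {
	shared, err := priv.ECDH(peer) // all ECDH yields: a shared secret, never ciphertext
	if err != nil {
		return nil, err
	}
	key := sha256.Sum256(append(shared, eph.Bytes()...)) // KDF chosen for this sketch
	block, _ := aes.NewCipher(key[:])                    // cannot fail: key is 32 bytes
	return cipher.NewGCM(block)
}

func Seal(rcpt *ecdh.PublicKey, msg []byte) (ephPub, ct []byte, err error) {
	eph, err := ecdh.P256().GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	aead, err := aeadFor(eph, rcpt, eph.PublicKey()) // fresh key per message, so a zero nonce is safe
	if err != nil {
		return nil, nil, err
	}
	return eph.PublicKey().Bytes(), aead.Seal(nil, make([]byte, aead.NonceSize()), msg, nil), nil
}

func Open(priv *ecdh.PrivateKey, ephPub, ct []byte) ([]byte, error) {
	eph, err := ecdh.P256().NewPublicKey(ephPub) // rejects malformed or off-curve points
	if err != nil {
		return nil, err
	}
	aead, err := aeadFor(priv, eph, eph)
	if err != nil {
		return nil, err
	}
	return aead.Open(nil, make([]byte, aead.NonceSize()), ct, nil)
}
func main() {
	rcpt, _ := ecdh.P256().GenerateKey(rand.Reader) // recipient's static key pair
	ephPub, ct, _ := Seal(rcpt.PublicKey(), []byte("constructed sample message"))
	msg, err := Open(rcpt, ephPub, ct)
	fmt.Println(string(msg), err)
}
```

`Open` succeeds only for the holder of the private key matching the public key passed to `Seal`, which is why that public key has to be one the sender already trusts.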
