I use an encryption scheme based on a symmetric cipher, with the corresponding symmetric key encrypted with RSA/OAEP using the public RSA key of the recipient.
I now want to use ECC crypto in replacement of RSA. Looking at the openssl API I can see that there is no RSA equivalent ECC encryption of a key, but only key derivation.
As the same symmetric key has to be encrypted for several different recipients, each of them owning its own encryption public ECC key, I can’t directly use the derived key as the symmetric key.
So I am considering doing this:
I think that using xor encryption here is safe as:
But maybe have I missed something?
It sounds like you're looking to implement something very similar to what was asked about here, with the addition of a signature of the ephemeral public key. But as poncho's answer points out, the potential malleability of the XORed key and the ciphertext could potentially pose some problems. The way the shared secret is derived may also introduce the possibility for issues here, though following the ECIES method with a KDF should help.
For the sake of differentiating this question from Maarten Bodewes's question, I'll assume you're more interested in replacing your existing scheme than implementing exactly what you've described. One potential option to consider to using standard ECIES (using an ephemeral key and KDF to generate a new symmetric key) to encrypt the symmetric key of your original data. This would certainly have both some computational and size overhead, but should achieve your goal.
Here you could still sign the ECIES output (or probably just the ephemeral public key) if that authentication is important to your system. But if you can afford the overhead that might be a safer/less experimental approach.
Answered by thesquaregroot on December 31, 2021
1 Asked on February 23, 2021 by ssa
2 Asked on February 23, 2021 by mint-branch-conditioner
0 Asked on February 21, 2021
0 Asked on February 19, 2021 by irwin
0 Asked on February 18, 2021 by confused-andstuck
1 Asked on February 18, 2021
0 Asked on February 16, 2021
0 Asked on February 13, 2021 by forest
0 Asked on February 9, 2021 by doctopus
1 Asked on January 30, 2021 by jusmin
3 Asked on January 29, 2021 by 38fule
2 Asked on January 26, 2021 by columbida
3 Asked on January 22, 2021 by m-s-dousti
0 Asked on January 22, 2021 by modal-nest
0 Asked on January 19, 2021 by antonis-paragas
7 Asked on January 18, 2021
5 Asked on January 15, 2021 by johankj
0 Asked on January 14, 2021 by ay
Get help from others!