-3

I have to write a program in Java that compares 3 different asymmetric cipher algorithms. I want to choose the key size and the message size (the message will be generated randomly), and I'd like to show the different times that each algorithm takes to encrypt the same text with a key of the same size.

I want to compare RSA, DSA and ECIES. The first two don't pose any problems but for the last one I don't know what to do.

The main problems are:

  1. Which elliptic curve is safe to use?
  2. Can I use the same curve for different key sizes?
  3. How can I create a Cipher in Java that uses "ECIES"? It doesn't seem to exist.
Maarten Bodewes
manuel

1 Answer

5

ECIES is not present in the normal Java libraries, at least not up to the current date. You have to use a library like Bouncy Castle.

For quality of the curves you could take a look at http://safecurves.cr.yp.to (if you have the stomach for it). Each set of domain parameters is always directly tied to the key size. I like Brainpool curves myself; they are relatively standard and relatively safe if you use them with some care.

Note: never directly encrypt plaintext with RSA, DSA or ECIES, always try and use hybrid cryptography. So compare with input sizes of 128, 192 or 256 bits at most.

So, without further ado.

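```java
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.SecureRandom;
import java.security.Security;
import java.security.spec.ECGenParameterSpec;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

public class EciesExample {
    public static void main(String[] args) throws Exception {
        // ECIES comes from the Bouncy Castle provider
        Security.addProvider(new BouncyCastleProvider());

        KeyPairGenerator kpg = KeyPairGenerator.getInstance("ECIES");
        ECGenParameterSpec brainpoolP256R1 = new ECGenParameterSpec(
                "brainpoolP256R1");
        kpg.initialize(brainpoolP256R1);
        KeyPair kp = kpg.generateKeyPair();

        Cipher c = Cipher.getInstance("ECIES");
        c.init(Cipher.ENCRYPT_MODE, kp.getPublic());

        // Random 128-bit AES key that will be wrapped with ECIES
        final byte[] aesKeyData = new byte[16];
        SecureRandom rng = new SecureRandom();
        rng.nextBytes(aesKeyData);

        byte[] wrappedKey = c.doFinal(aesKeyData);
        SecretKey aesKey = new SecretKeySpec(aesKeyData, "AES");
        // Clear the raw key bytes once the SecretKey has been created
        Arrays.fill(aesKeyData, (byte) 0);
    }
}
```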
Maarten Bodewes
  • And note that Guava has a nice `StopWatch` class. – Maarten Bodewes Aug 30 '14 at 17:21
  • I think ECIES is already a hybrid encryption scheme and it will run the AES crypto for you. The example code therefore does some extra work. – Roman Plášil May 12 '16 at 09:30
  • @RomanPlášil Yes, ECIES *is by definition* a hybrid cryptosystem. It basically establishes a symmetric key using ECDH (and tosses away the ephemeral private key used by the "sender"). So the outcome of the asymmetric operation within ECIES is simply that secret key, not a ciphertext. – Maarten Bodewes May 12 '16 at 09:46
  • .... and the outcome of using `Cipher` that was set to "ECIES" in Java will be a ciphertext encrypted using AES (by default) using a key generated as you said. So you don't need to code this part yourself. – Roman Plášil May 18 '16 at 14:01
  • It's of course the Bouncy Castle provider rather than "Java" that decides that AES encryption is the default but otherwise yes, that's correct. – Maarten Bodewes May 18 '16 at 14:34
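
An ECIES round trip with the Bouncy Castle provider, as an added example that is not part of the original answer or comments: it passes a short message straight to the `Cipher`, decrypts it with the private key, compares plaintext and ciphertext lengths, and checks that a modified ciphertext is rejected. The class name, the 32-byte constructed message and the single-shot timing are assumptions made for illustration; Bouncy Castle must be on the classpath.

```java
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.SecureRandom;
import java.security.Security;
import java.security.spec.ECGenParameterSpec;
import java.util.Arrays;
import javax.crypto.Cipher;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

public class EciesRoundTrip { // hypothetical class name
    public static void main(String[] args) throws Exception {
        Security.addProvider(new BouncyCastleProvider());
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC", "BC");
        kpg.initialize(new ECGenParameterSpec("brainpoolP256r1"));
        KeyPair kp = kpg.generateKeyPair();

        // Constructed sample input: 32 random bytes (256 bits)
        byte[] msg = new byte[32];
        new SecureRandom().nextBytes(msg);

        // Sender side: only the recipient's public key is needed
        Cipher enc = Cipher.getInstance("ECIES", "BC");
        long t0 = System.nanoTime();
        enc.init(Cipher.ENCRYPT_MODE, kp.getPublic());
        byte[] ct = enc.doFinal(msg);
        long encNanos = System.nanoTime() - t0;

        // Recipient side: the private key recovers the plaintext
        Cipher dec = Cipher.getInstance("ECIES", "BC");
        dec.init(Cipher.DECRYPT_MODE, kp.getPrivate());
        byte[] pt = dec.doFinal(ct);

        System.out.println("round trip ok: " + Arrays.equals(msg, pt));
        System.out.println("plaintext " + msg.length + " bytes, ciphertext " + ct.length + " bytes");
        System.out.println("encrypt time (single run, no JIT warm-up): " + encNanos / 1000 + " us");

        // The ciphertext is authenticated, so a flipped bit must be rejected
        ct[ct.length - 1] ^= 0x01;
        dec.init(Cipher.DECRYPT_MODE, kp.getPrivate());
        try {
            dec.doFinal(ct);
            System.out.println("tampered ciphertext accepted (unexpected)");
        } catch (GeneralSecurityException e) {
            System.out.println("tampered ciphertext rejected: " + e.getClass().getSimpleName());
        }
    }
}
```

The ciphertext is longer than the message because it also carries the sender's ephemeral public key and an authentication tag; for a timing comparison, repeat the encryption many times after a warm-up rather than relying on one measurement.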