4

I'm putting together an encryption strategy that will encrypt data shared between iOS and Android devices over BTLE. We would like to use basic elliptic curve cryptography.

We're currently implementing our iOS app and our Android app will kick off development in the next month or so. So, my question is as follows:

I know on iOS I can use Certificate, Key and Trust Services to generate a key pair of type kSecAttrKeyTypeECDSA. This is cool.

And I see that the go-to encryption library for Android, BouncyCastle, also supports ECDSA.

So, my question is: can I count on key pairs generated on either platform to operate the same in terms of encryption and decryption on both iOS and Android?

i.e.

iOS User A

  • generated their public/private key pair using iOS ECDSA
  • holds reference to user B's public key

Android User B

  • generated their public/private key pair using BouncyCastle ECDSA
  • holds reference to user A's public key

Can user B encode a message using user A's public key, send the encoded data to user A, and expect user A to be able to decode it?

user2536583

1 Answer

4

No, because ECDSA is only used to generate signatures - for instance to authenticate. ECIES should however be available using Bouncy Castle on Android and through CryptoPP on iOS. It's also possible to use ECDH with separate authentication or static-static ECDH but that might require a bit of a learning curve.

Note that ECIES introduces additional overhead, so don't forget to put that into your calculations...

Maarten Bodewes