Question
I've been trying to switch from RSA to ECC in my code. At first, I tried using Bouncycastle, but I was having difficulties getting named curves to work. None of the sample code I found was working.
So I tried JECC and it worked just fine, except for one problem. When using the "secp256r1" curve, I could only encode 20 bytes, 160 bits, before it gave me an "index out of range" error.
Is this a limitation with JECC, Elliptic Curves in general, or maybe my own code? I tried researching the problem online and can't find any reference to how much data a 256 bit ECC key can encode. With RSA, I could encode any data smaller then the key used.
Additionally, how important is data padding with ECC? I couldn't find any information on standard padding practices with ECC.
Thank you in advance for your help.
EDIT: Here is my code in case you were wondering. I slightly modified the original JACC code so there aren't any typecasts.
https://stackoverflow.com/questions/19456627
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianECCryptoSystem cs = new ECCryptoSystem(new EllipticCurve(new secp256r1()));
t1=System.currentTimeMillis();
ECKey sk = cs.generateKey(); // secure key
ECKey pk = sk.getPublic(); // public key
t2=System.currentTimeMillis();
System.out.println("Generated keys in "+(t2-t1)+"ms.");
for(int c=0;c<10;c++){
t1=System.currentTimeMillis();
byte[] s1=args[0].getBytes();
byte[] s2=cs.encrypt(s1,args[0].length(),pk);
byte[] s3=cs.decrypt(s2,sk);
t2=System.currentTimeMillis();
if(Arrays.equals(s1,s2)){System.out.println("Bad encryption!");}
if(!Arrays.equals(s1,s3)){System.out.println("Bad decryption!");}
String decoded = new String(s3, "UTF-8");
System.out.println("loop "+(c+1)+": \""+decoded+"\" ("+decoded.length()+" Characters) in "+(t2-t1)+"ms.");
}
And here's how I ran it:
$ java Mecc "This is a good test."
Generated keys in 397ms.
loop 1: "This is a good test." (20 Characters) in 208ms.
loop 2: "This is a good test." (20 Characters) in 107ms.
loop 3: "This is a good test." (20 Characters) in 69ms.
loop 4: "This is a good test." (20 Characters) in 68ms.
loop 5: "This is a good test." (20 Characters) in 73ms.
loop 6: "This is a good test." (20 Characters) in 59ms.
loop 7: "This is a good test." (20 Characters) in 64ms.
loop 8: "This is a good test." (20 Characters) in 58ms.
loop 9: "This is a good test." (20 Characters) in 60ms.
loop 10: "This is a good test." (20 Characters) in 60ms.
$ java Mecc "This is a good test.."
Generated keys in 555ms.
Error: java.lang.ArrayIndexOutOfBoundsException: 20
FYI: You can see how the JIT compiler speeds things up after a few loops.
Another EDIT: I just stepped through the JECC code and found something interesting:
hash = MessageDigest.getInstance("SHA-1");
...
byte[] digest = hash.digest();
for(int j = 0; j < numbytes; j++) {
res[j+ek.mother.getPCS()]=(byte) (input[j]^digest[j]);
}
It seems the data is xored against the hash. If I change the "SHA-1" to "SHA-256", I no longer get the error.
Now I'm not a cryptographer, and I'd rather not change the core functionality of JECC, but is this a valid solution?
Solution
The reason why JECC only encrypts 20 bytes of plaintext is that during encryption process it tries to XOR the input with digest value. The digest length of SHA-1 used by JECC is 160 bits(20 bytes).
Also JECC doesn't encrypt the data using ECC, rather it's a prototype of ECIES, which involves generating symmetric key using ECC Diffie Hellman key exchange and than using any custom symmetric encryption algorithm.
