github.com/kisexp/xdchain@v0.0.0-20211206025815-490d6b732aa7/crypto/ecies/README (about)

     1  # NOTE
     2  
     3  This implementation is direct fork of Kylom's implementation. I claim no authorship over this code apart from some minor modifications.
     4  Please be aware this code **has not yet been reviewed**.
     5  
     6  ecies implements the Elliptic Curve Integrated Encryption Scheme.
     7  
     8  The package is designed to be compliant with the appropriate NIST
     9  standards, and therefore doesn't support the full SEC 1 algorithm set.
    10  
    11  
    12  STATUS:
    13  
    14  ecies should be ready for use. The ASN.1 support is only complete so
    15  far as to supported the listed algorithms before.
    16  
    17  
    18  CAVEATS
    19  
    20  1. CMAC support is currently not present.
    21  
    22  
    23  SUPPORTED ALGORITHMS
    24  
    25          SYMMETRIC CIPHERS               HASH FUNCTIONS
    26               AES128                         SHA-1
    27               AES192                        SHA-224
    28               AES256                        SHA-256
    29                                             SHA-384
    30          ELLIPTIC CURVE                     SHA-512
    31               P256
    32               P384		    KEY DERIVATION FUNCTION
    33               P521	       NIST SP 800-65a Concatenation KDF
    34  
    35  Curve P224 isn't supported because it does not provide a minimum security
    36  level of AES128 with HMAC-SHA1. According to NIST SP 800-57, the security
    37  level of P224 is 112 bits of security. Symmetric ciphers use CTR-mode;
    38  message tags are computed using HMAC-<HASH> function.
    39  
    40  
    41  CURVE SELECTION
    42  
    43  According to NIST SP 800-57, the following curves should be selected:
    44  
    45      +----------------+-------+
    46      | SYMMETRIC SIZE | CURVE |
    47      +----------------+-------+
    48      |     128-bit    |  P256 |
    49      +----------------+-------+
    50      |     192-bit    |  P384 |
    51      +----------------+-------+
    52      |     256-bit    |  P521 |
    53      +----------------+-------+
    54  
    55  
    56  TODO
    57  
    58  1. Look at serialising the parameters with the SEC 1 ASN.1 module.
    59  2. Validate ASN.1 formats with SEC 1.
    60  
    61  
    62  TEST VECTORS
    63  
    64  The only test vectors I've found so far date from 1993, predating AES
    65  and including only 163-bit curves. Therefore, there are no published
    66  test vectors to compare to.
    67  
    68  
    69  LICENSE
    70  
    71  ecies is released under the same license as the Go source code. See the
    72  LICENSE file for details.
    73  
    74  
    75  REFERENCES
    76  
    77  * SEC (Standard for Efficient Cryptography) 1, version 2.0: Elliptic
    78    Curve Cryptography; Certicom, May 2009.
    79    http://www.secg.org/sec1-v2.pdf
    80  * GEC (Guidelines for Efficient Cryptography) 2, version 0.3: Test
    81    Vectors for SEC 1; Certicom, September 1999.
    82    http://read.pudn.com/downloads168/doc/772358/TestVectorsforSEC%201-gec2.pdf
    83  * NIST SP 800-56a: Recommendation for Pair-Wise Key Establishment Schemes
    84    Using Discrete Logarithm Cryptography. National Institute of Standards
    85    and Technology, May 2007.
    86    http://csrc.nist.gov/publications/nistpubs/800-56A/SP800-56A_Revision1_Mar08-2007.pdf
    87  * Suite B Implementer’s Guide to NIST SP 800-56A. National Security
    88    Agency, July 28, 2009.
    89    http://www.nsa.gov/ia/_files/SuiteB_Implementer_G-113808.pdf
    90  * NIST SP 800-57: Recommendation for Key Management – Part 1: General
    91    (Revision 3). National Institute of Standards and Technology, July
    92    2012.
    93    http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57_part1_rev3_general.pdf
    94