libtom / libtomcrypt

LibTomCrypt is a fairly comprehensive, modular and portable cryptographic toolkit that provides developers with a vast array of well known published block ciphers, one-way hash functions, chaining modes, pseudo-random number generators, public key cryptography and a plethora of other routines.

Home Page:https://www.libtom.net

Wishlist: Shamir Shared Secret and ECIES

pakal opened this issue · comments

Thanks for the awesome (and low footprint) lib :)

Some more wishlist items for the project ^^

  • Shamir shared secret, e.g. compatible with Pycryptodome's ones
  • Providing an alternative to RSA for Public key encryption, for example the powerful but little-implemented ECIES

> Thanks for the awesome (and low footprint) lib :)

:)

> • Shamir shared secret, e.g. compatible with Pycryptodome's ones

Yeah, that would be nice.

> • Providing an alternative to RSA for Public key encryption, for example the powerful but little-implemented ECIES

There exist ecc_encrypt_key() and ecc_decrypt_key(), which claim:

libtomcrypt/doc/crypt.tex, lines 5764 to 5766 in f7e6519:

> ECDH Encryption is performed by producing a random key, hashing it, and XOR'ing the digest against the plaintext. It is not strictly ANSI X9.63 compliant
> but it is very similar. It has been extended by using an ASN.1 sequence and hash object identifiers to allow portable usage. The following function
> encrypts a short string (no longer than the message digest) using this technique:

Does this work for you?
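To make the quoted crypt.tex description concrete, here is an added, stand-alone illustration of that construction: an ephemeral ECDH exchange, the shared point hashed, and the digest XOR'ed against a message no longer than the digest. It is example code written for this thread, not libtomcrypt's ecc_encrypt_key() implementation. Assumptions: NIST P-256 as the curve, SHA-256 as the hash, the x-coordinate of the shared point as the hash input, and no ASN.1/OID framing (which the real function adds). The point arithmetic is textbook affine double-and-add, not constant time, and, like the described scheme, the output carries no authentication tag, so a defender should treat this as key transport for short secrets rather than general authenticated encryption.

```python
import hashlib
import secrets

# NIST P-256 domain parameters (standard public constants, assumed correct;
# the on_curve() check on G below verifies them at run time).
P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
A = P - 3
B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
G = (0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
     0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5)
N = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551

DIGEST_LEN = hashlib.sha256().digest_size  # 32 bytes: the maximum message length


def on_curve(pt):
    """True if pt (an affine (x, y) pair) satisfies y^2 = x^3 + Ax + B mod P."""
    if pt is None:
        return False
    x, y = pt
    return 0 <= x < P and 0 <= y < P and (y * y - (x * x * x + A * x + B)) % P == 0


def point_add(p1, p2):
    """Affine point addition; None represents the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None  # p1 == -p2
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    y3 = (lam * (x1 - x3) - y1) % P
    return (x3, y3)


def scalar_mult(k, pt):
    """Textbook double-and-add (NOT constant time; illustration only)."""
    result = None
    addend = pt
    while k:
        if k & 1:
            result = point_add(result, addend)
        addend = point_add(addend, addend)
        k >>= 1
    return result


def keygen():
    """Random private scalar in [1, N-1] and its public point."""
    d = secrets.randbelow(N - 1) + 1
    return d, scalar_mult(d, G)


def shared_pad(scalar, point):
    """Hash the x-coordinate of the ECDH shared point into a one-time pad (assumed KDF)."""
    s = scalar_mult(scalar, point)
    return hashlib.sha256(s[0].to_bytes(32, "big")).digest()


def encrypt(recipient_pub, plaintext):
    """Return (ephemeral public point, ciphertext); plaintext must fit in one digest."""
    if len(plaintext) > DIGEST_LEN:
        raise ValueError("message longer than the message digest")
    if not on_curve(recipient_pub):
        raise ValueError("recipient key is not on the curve")
    r, ephemeral_pub = keygen()  # fresh random key per message
    pad = shared_pad(r, recipient_pub)
    return ephemeral_pub, bytes(m ^ p for m, p in zip(plaintext, pad))


def decrypt(priv, ephemeral_pub, ciphertext):
    """Recompute the pad from the ephemeral point; reject off-curve input first."""
    if not on_curve(ephemeral_pub):
        raise ValueError("ephemeral key is not on the curve")
    pad = shared_pad(priv, ephemeral_pub)
    return bytes(c ^ p for c, p in zip(ciphertext, pad))


if __name__ == "__main__":
    d, pub = keygen()
    eph, ct = encrypt(pub, b"constructed 16B key!")
    print(decrypt(d, eph, ct))
```

The on-curve check before any scalar multiplication is the part worth copying: rejecting an off-curve ephemeral point is what prevents the decryptor from being driven onto a weaker curve.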

Here are some references for low-dependency Shamir that I found, just in case it helps

Tested by me on MSP430

https://github.com/fletcher/c-sss (MIT LICENSE, works)

https://github.com/rbaron/secret (MIT LICENSE, works but uses big matrix to reverse polynomial)

Untested by me

https://github.com/MrJoy/ssss (GNU GENERAL PUBLIC LICENSE, needs GMP)

https://github.com/bertrand-maujean/lib_sss (GNU AFFERO GENERAL PUBLIC LICENSE)
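For the Shamir wishlist item above and the references just listed, here is an added, dependency-free worked example of Shamir secret sharing over GF(2^128), written for this thread (it is not code from libtomcrypt, PyCryptodome or any of the linked repositories). The field, the reduction polynomial x^128 + x^7 + x^2 + x + 1, the secret as the polynomial's constant term, 16-byte big-endian shares evaluated at x = 1..n and recovery by Lagrange interpolation at x = 0 are my assumptions about what PyCryptodome's Shamir module does in its default mode; verify against a real PyCryptodome run before relying on cross-compatibility.

```python
import secrets

# GF(2^128) reduction polynomial x^128 + x^7 + x^2 + x + 1 (assumed to match PyCryptodome).
IRREDUCIBLE = (1 << 128) | (1 << 7) | (1 << 2) | (1 << 1) | 1
SECRET_LEN = 16


def gf_mul(a, b):
    """Carry-less multiply of two field elements with reduction on each shift."""
    result = 0
    while b:
        if b & 1:
            result ^= a
        b >>= 1
        a <<= 1
        if a >> 128:  # degree reached 128: subtract (XOR) the modulus
            a ^= IRREDUCIBLE
    return result


def gf_inv(a):
    """Inverse via a^(2^128 - 2) (Fermat); gf_inv(0) returns 0."""
    result, base, exp = 1, a, (1 << 128) - 2
    while exp:
        if exp & 1:
            result = gf_mul(result, base)
        base = gf_mul(base, base)
        exp >>= 1
    return result


def split(k, n, secret):
    """Split a 16-byte secret into n shares (idx, 16 bytes); any k recover it."""
    if len(secret) != SECRET_LEN:
        raise ValueError("secret must be exactly 16 bytes")
    if not 2 <= k <= n <= 255:
        raise ValueError("need 2 <= k <= n <= 255")
    # Coefficients high to low for Horner: a_{k-1}..a_1 random, a_0 = secret.
    coeffs = [int.from_bytes(secrets.token_bytes(SECRET_LEN), "big") for _ in range(k - 1)]
    coeffs.append(int.from_bytes(secret, "big"))
    shares = []
    for idx in range(1, n + 1):
        y = 0
        for c in coeffs:
            y = gf_mul(idx, y) ^ c  # y = y*x + c (addition is XOR)
        shares.append((idx, y.to_bytes(SECRET_LEN, "big")))
    return shares


def combine(shares):
    """Lagrange interpolation at x = 0 over GF(2^128); needs k distinct shares."""
    pts = [(x, int.from_bytes(y, "big")) for x, y in shares]
    if len({x for x, _ in pts}) != len(pts):
        raise ValueError("duplicate share index")
    result = 0
    for j, (xj, yj) in enumerate(pts):
        num = den = 1
        for m, (xm, _) in enumerate(pts):
            if m != j:
                num = gf_mul(num, xm)        # prod (0 - x_m) == prod x_m in char 2
                den = gf_mul(den, xj ^ xm)   # prod (x_j - x_m)
        result ^= gf_mul(gf_mul(yj, num), gf_inv(den))
    return result.to_bytes(SECRET_LEN, "big")


if __name__ == "__main__":
    secret = bytes(range(16))  # constructed sample secret
    shares = split(3, 5, secret)
    print(combine(shares[:3]) == secret, combine(shares[:2]) == secret)
```

Feeding fewer than k shares does not fail loudly; it returns a wrong value, so callers must track the threshold themselves. That is true of the field arithmetic in any Shamir scheme, and is why the share format in the linked libraries usually carries k alongside the index.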

Thanks a lot for the pointer to ecc_encrypt_key(), I had completely missed this one :)

We'd need a quite portable/standard algorithm (compatible with Python implementations too), so I was thinking more of ECIES or the like, but this one could be a valuable fallback solution, if linked to all languages.