Crypt::ECDH_ES - A fast and small hybrid crypto system


version 0.003


 my $ciphertext = ecdhes_encrypt($data, $key);
 my $plaintext = ecdhes_decrypt($ciphertext, $key);


This module uses elliptic curve cryptography in an ephemerical-static configuration combined with the AES cipher to achieve a hybrid cryptographical system. Both the public and the private key are simply 32 byte blobs.


You may want to use this module when storing sensive data in such a way that the encoding side can't read it afterwards, for example a website storing credit card data in a database that will be used by a separate back-end financial processor. When used in this way, a leak of the database and keys given to the website will not leak those credit card numbers.


This distribution comes with no warranties whatsoever. While the author believes he's at least somewhat clueful in cryptography and it based on a well-understood model (ECIES), he is not a profesional cryptographer. Users of this distribution are encouraged to read the source of this distribution and its dependencies to make their own, hopefully well-informed, assesment of the security of this cryptosystem.


This modules uses Daniel J. Bernstein's curve25519 (also used by OpenSSH) to perform a Diffie-Hellman key agreement between an encoder and a decoder. The keys of the decoder should be known in advance (as this system works as a one-way communication mechanism), for the encoder a new keypair is generated for every encryption using the system's cryptographically secure pseudo-random number generator. The shared key resulting from the key agreement is hashed and used to encrypt the plaintext using AES in CBC mode (with the IV deterministically derived from the public key). It also adds a HMAC, with the key derived from the same shared secret as the encryption key.

All cryptographic components are believed to provide at least 128-bits of security.


ecdhes_encrypt($public_key, $plaintext)

This will encrypt $plaintext using $public_key. This is a probabilistic encryption: the result will be different for every invocation.

ecdhes_decrypt($private_key, $ciphertext)

This will decrypt $ciphertext using $public_key and return the plaintext.


This function generates a new random curve25519 keypair and returns it as ($public_key, private_key)


  • Crypt::OpenPGP

    This module can be used to achieve exactly the same effect in a more standardized way, but it requires much more infrastructure (such as a keychain), many more dependencies, larger messages and more thinking about various settings.

    On the other hand, if your use-case has authenticity-checking needs that can not be solved using a MAC, you may want to use it instead of Crypt::ECDH_ES.

  • Crypt::Ed25519

    This is a public key signing/verification system based on an equivalent curve.


Leon Timmermans <>


This software is copyright (c) 2015 by Leon Timmermans.

This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.