Ashish Gulhati
and 1 contributors

NAME

Crypt::EECDH - Simple ephemeral ECDH + AES hybrid cryptosystem

VERSION

 $Revision: 1.007 $
 $Date: Tue Oct 16 23:45:54 PDT 2018 $

SYNOPSIS

    use Crypt::EECDH;

    my $eecdh = new Crypt::EECDH;

    # Generate server's signing keypair
    my ($pub_signkey, $sec_signkey) = $eecdh->signkeygen;

    # Generate server's messaging key and signature
    my ($pubkey, $seckey, $signature) =
      $eecdh->keygen( PrivateKey => $sec_signkey, PublicKey => $pub_signkey );

    my $msg = "Testing";

    # Encrypt a message to server
    my ($encrypted, $clientsec) = $eecdh->encrypt( PublicKey => $pubkey,
      Message => $msg, SigningKey => $pub_signkey, Signature => $signature );

    # Server decrypts message
    my ($decrypted, $clientpub) =
      $eecdh->decrypt( Key => $seckey, Ciphertext => $encrypted );
    print "OK\n" if $decrypted eq $msg;

    # Server encrypts response (using a fresh ephemeral keypair)
    my ($encrypted2, $newsec) =
      $eecdh->encrypt( PublicKey => $clientpub, Message => $msg );

    # Client decrypts the response
    my ($decrypted2, $newpub) =
      $eecdh->decrypt( Key => $clientsec, Ciphertext => $encrypted2);

    # Now client can use $newpub to encrypt another message and the
    # exchange can continue. Note that the server will need to hold on
    # to $newsec in order to decrypt the response.

    # Alternately the client can use server's $pubkey for all messages
    # it sends, which frees server from having to keep track of new
    # ephemeral keys.

DESCRIPTION

A simple hybrid crypto system with ephemeral ECDH key agreement in combination with the AES cipher.

TECHNICAL DETAILS

This modules uses Daniel J. Bernstein's curve25519 to perform a Diffie-Hellman key agreement. A new keypair is generated for every encryption operation. The shared key resulting from the key agreement is hashed and used to encrypt the plaintext using AES in CBC mode (with the IV deterministically derived from the public key). It also adds a HMAC, with the key derived from the same shared secret as the encryption key.

Some of the code in this module (and most of the text of the previous paragraph) is from the Crypt::ECDH_ES module, which provides one-way communication functionality in an ephemeral-static mode, where one side (the decoder or "server") uses a static key.

Crypt::EECDH provides full two-way encryption capability with ephemeral keys on both sides. Instead of a static messaging key, the server uses a static signing key, and signs its ephemeral messaging keys with its signing key. The signing key is never used to encrypt messages. The server may generate a new ephemeral messaging key pair at the start of each client session, or it may perodically generate and publish new messaging keys.

METHODS

new

Creates and returns a new Crypt::EECDH object. The following optional named parameters can be provided:

    SigScheme - The signature scheme to use for the signing keys. Valid options are 'ECDSA' and 'Ed25519', which use the Crypt::EC_DSA and Crypt::Ed25519 modules respectively. The default is 'ECDSA'.

    Debug - Set to a true value to have the module emit messages useful for debugging.

signkeygen

Generates and returns a signing keypair as a two element list, with the public key as the first element, private key as the second.

keygen

Generates and returns a messaging keypair as a two element list, with the public key as the first element, private key as the second. The following optional parameters may be provided:

    PrivateKey - The signing private key

    PublicKey - The signing public key

encrypt

Encrypts a message. A new keypair is generated for each encryption operation. Returns a list whose first element is the cipherext and second element is the generated private key. The following named parameters are required:

    PublicKey - The public messaging key of the recipient

    Message - The message to be encrypted

The following optional parameters can be provided:

    SigningKey - The public signing key of the recipient

    Signature - Signature on the messaging key

decrypt

Decrypts a message. Returns a list whose first element is the decrypted message and second element is the public key of the sender. The following named parameters are required:

    Key - The private messaging key of the recipient

    Ciphertext - The ciphertext to be decrypted

SEE ALSO

AUTHOR

Ashish Gulhati, <crypt-eecdh at hash.neo.tc>

BUGS

Please report any bugs or feature requests to bug-crypt-eecdh at rt.cpan.org, or through the web interface at http://rt.cpan.org/NoAuth/ReportBug.html?Queue=Crypt-EECDH. I will be notified, and then you'll automatically be notified of progress on your bug as I make changes.

SUPPORT

You can find documentation for this module with the perldoc command.

    perldoc Crypt::EECDH

You can also look for information at:

ACKNOWLEDGEMENTS

Some of the code in this module is from Crypt::ECDH_ES by Leon Timmermans <leont@cpan.org>

LICENSE AND COPYRIGHT

Copyright (c) Ashish Gulhati.

This software package is Open Software; you can use, redistribute, and/or modify it under the terms of the Open Artistic License 2.0.

Please see http://www.opensoftwr.org/oal20.txt for the full license terms, and ensure that the license grant applies to you before using or modifying this software. By using or modifying this software, you indicate your agreement with the license terms.