Elliptic Curve Encryption - ECDSA on iOS and Android

I am putting together an encryption strategy that will encrypt data shared between iOS and Android devices via BTLE. We would like to use base elliptic curve cryptography.

We are currently rolling out our iOS app, and our Android app will start development next month or so. So my question is this:

I know that on iOS, I can use certificates, keys and trust services to generate a key pair of type kSecAttrKeyTypeECDSA. That's cool.

And I can see the move to Android encryption library, BouncyCastle, also supports ECDSA.

So my question is, can I count on key pairs generated on either platform to work the same in terms of encryption and decryption on both iOS and Android?

i.e.

iOS User A

  • generates their public / private key pair using iOS ECDSA
  • contains a link to the public key of user B

Android User B

  • generates its public / private key pair using BouncyCastle ECDSA
  • contains a link to the public key of user A.

Can user B encode the message using user A's public key, send the encoded data to user A and expect user A to be able to decode?

+3




1 answer


No, since ECDSA is only used to generate signatures - for example, for authentication. However, ECIES should be available via Bouncy Castle on Android and via CryptoPP on iOS. It is also possible to use ECDH with separate authentication or static-static ECDH, but this may require a bit of a learning curve.



Note that ECIES introduces additional overhead, so be sure to include that in your calculations ...

+4
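The ECDH-based route the answer mentions, as an added example that is not code from the original post or from either platform's documentation: ephemeral-static ECDH on P-256, a key derivation step, then AES-GCM, using only standard JCA calls. The class name, the wire layout and the single-pass SHA-256 key derivation are assumptions made for illustration (a deployed scheme would use a standardized KDF), and both platforms must agree on every one of these choices, byte for byte, to interoperate.

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.spec.*;
import javax.crypto.*;
import javax.crypto.spec.*;

public class EcdhHybridDemo { // hypothetical name, not from the page
    static KeyPair newKeyPair() throws GeneralSecurityException {
        KeyPairGenerator g = KeyPairGenerator.getInstance("EC");
        g.initialize(new ECGenParameterSpec("secp256r1")); // both sides must use the same curve
        return g.generateKeyPair();
    }
    // ECDH shared secret -> AES-256 key. SHA-256(secret || ephemeral pub) is a simplified KDF (assumption).
    static SecretKeySpec deriveKey(PrivateKey priv, PublicKey peer, byte[] ephPub) throws GeneralSecurityException {
        KeyAgreement ka = KeyAgreement.getInstance("ECDH");
        ka.init(priv);
        ka.doPhase(peer, true);
        MessageDigest md = MessageDigest.getInstance("SHA-256");
        md.update(ka.generateSecret());
        return new SecretKeySpec(md.digest(ephPub), "AES");
    }
    // Wire layout (assumed): 2-byte key length | ephemeral public key (X.509) | 12-byte nonce | ciphertext + 16-byte tag
    static byte[] encrypt(PublicKey recipient, byte[] plaintext) throws GeneralSecurityException {
        KeyPair eph = newKeyPair(); // fresh key pair per message
        byte[] ephPub = eph.getPublic().getEncoded();
        byte[] nonce = new byte[12];
        new SecureRandom().nextBytes(nonce);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, deriveKey(eph.getPrivate(), recipient, ephPub), new GCMParameterSpec(128, nonce));
        byte[] ct = c.doFinal(plaintext);
        return ByteBuffer.allocate(2 + ephPub.length + 12 + ct.length)
                .putShort((short) ephPub.length).put(ephPub).put(nonce).put(ct).array();
    }
    static byte[] decrypt(PrivateKey recipient, byte[] msg) throws GeneralSecurityException {
        ByteBuffer b = ByteBuffer.wrap(msg);
        int n = msg.length < 30 ? -1 : b.getShort(); // 2 + 12 + 16 bytes is the minimum framing
        if (n <= 0 || n > b.remaining() - 28) throw new GeneralSecurityException("malformed message");
        byte[] ephPub = new byte[n], nonce = new byte[12], ct = new byte[b.remaining() - n - 12];
        b.get(ephPub).get(nonce).get(ct);
        PublicKey eph = KeyFactory.getInstance("EC").generatePublic(new X509EncodedKeySpec(ephPub));
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, deriveKey(recipient, eph, ephPub), new GCMParameterSpec(128, nonce));
        return c.doFinal(ct); // throws AEADBadTagException if the message was altered
    }
    public static void main(String[] args) throws Exception {
        KeyPair userA = newKeyPair(); // constructed sample recipient
        byte[] pt = "hello over BTLE".getBytes(StandardCharsets.UTF_8);
        byte[] wire = encrypt(userA.getPublic(), pt);
        System.out.println(new String(decrypt(userA.getPrivate(), wire), StandardCharsets.UTF_8)
                + " | overhead bytes: " + (wire.length - pt.length));
    }
}
```

The printed overhead is the ephemeral public key, nonce and tag added to every message, which is the per-message cost the answer says to budget for on a small BTLE payload.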

