Home Ask Login Register

Developers Planet

Your answer is one click away!

sandeep_banisetti February 2016

Key derivation function for Shared secret generated by diffie hellman key exchange

How do i use the shared secret genrated by diffie hellman key exchange further, for key derivation function.

This is my code:

KeyPairGenerator keyGen = KeyPairGenerator.getInstance("ECDH", "BC");

        ECGenParameterSpec ecsp;
        ecsp = new ECGenParameterSpec("secp192r1");

        keyGen.initialize(ecsp, new SecureRandom());
        // Generate RSA Assymetric KeyPair
        KeyPair alice_pair = keyGen.generateKeyPair();
        // Extract Public Key
        PublicKey alice_pub =  alice_pair.getPublic();
        // Extract Private Key
        PrivateKey alice_pvt = alice_pair.getPrivate();

  KeyAgreement alice_agreement =    KeyAgreement.getInstance("ECDH","BC");
        alice_agreement.doPhase(bob_pub, true);
        byte[] alice_secret = alice_agreement.generateSecret();
        SecretKeySpec alice_aes = new SecretKeySpec(alice_secret, "AES");

        // Create KeyAgreement for Bob
        KeyAgreement bob_agreement = KeyAgreement.getInstance("ECDH","BC");
        bob_agreement.doPhase(alice_pub, true); 

Can the shared secret can be ECC curve point?


vojta February 2016

The resulting shared secret is always a curve point. That is why you shouldn't work with the ECDH secret directly, because just a few secrets from the whole space of all secrets are curve points and some bits from the result are "weak" - predictable with the knowledge of the chosen elliptic curve.

You should do following steps to get a secret AES key:

  1. Hash the result of ECDH with some secure hash algorithm (SHA256, SHA512).
  2. Take the first 16 bytes of the hash
  3. Create an AES key.


You are using Bouncy Castle crypto provider. According to its documentation and the source code, the shared secret result you get is the X affine coordinate of your desired EC point (an instance of java.math.BigInteger) encoded as a byte array.

Post Status

Asked in February 2016
Viewed 3,173 times
Voted 9
Answered 1 times


Leave an answer

Quote of the day: live life