sandeep_banisetti February 2016
### Key derivation function for Shared secret generated by diffie hellman key exchange

How do i use the shared secret genrated by diffie hellman key exchange further, for key derivation function.

This is my code:

```
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("ECDH", "BC");
ECGenParameterSpec ecsp;
ecsp = new ECGenParameterSpec("secp192r1");
keyGen.initialize(ecsp, new SecureRandom());
// Generate RSA Assymetric KeyPair
KeyPair alice_pair = keyGen.generateKeyPair();
// Extract Public Key
PublicKey alice_pub = alice_pair.getPublic();
// Extract Private Key
PrivateKey alice_pvt = alice_pair.getPrivate();
KeyAgreement alice_agreement = KeyAgreement.getInstance("ECDH","BC");
alice_agreement.init(alice_pair.getPrivate());
alice_agreement.doPhase(bob_pub, true);
byte[] alice_secret = alice_agreement.generateSecret();
SecretKeySpec alice_aes = new SecretKeySpec(alice_secret, "AES");
// Create KeyAgreement for Bob
KeyAgreement bob_agreement = KeyAgreement.getInstance("ECDH","BC");
bob_agreement.init(bob_pvt);
bob_agreement.doPhase(alice_pub, true);
```

Can the shared secret can be ECC curve point?

The resulting shared secret is always a curve point. That is why you shouldn't work with the ECDH secret directly, because just a few secrets from the whole space of all secrets are curve points and some bits from the result are "weak" - predictable with the knowledge of the chosen elliptic curve.

You should do following steps to get a secret AES key:

- Hash the result of ECDH with some secure hash algorithm (SHA256, SHA512).
- Take the first 16 bytes of the hash
- Create an AES key.

Note:

You are using Bouncy Castle crypto provider. According to its documentation and the source code, the shared secret result you get is the X affine coordinate of your desired EC point (an instance of `java.math.BigInteger`

) encoded as a byte array.

Asked in February 2016

Viewed 3,173 times

Voted 9

Answered 1 times

Viewed 3,173 times

Voted 9

Answered 1 times