The resulting shared secret is always a curve point. That is why you shouldn't work with the ECDH secret directly, because just a few secrets from the whole space of all secrets are curve points and some bits from the result are "weak" - predictable with the knowledge of the chosen elliptic curve.
You should do the following steps to get a secret AES key:
1. Hash the result of ECDH with some secure hash algorithm (SHA256, SHA512).
2. Take the first 16 bytes of the hash.
3. Create an AES key.
You are using the Bouncy Castle crypto provider. According to its documentation and the source code, the shared secret result you get is the X affine coordinate of your desired EC point (an instance of java.math.BigInteger) encoded as a byte array.
Asked in February 2016 | Viewed 3,173 times | Voted 9 | Answered 1 times
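The three steps from the answer, run for both parties so the derived keys can be compared. This is an added example, not code from the original answer; the class name `EcdhToAesKey`, the helper `deriveAesKey`, the curve `secp256r1` and the use of the JDK's default provider (rather than Bouncy Castle) are assumptions made for illustration.

```java
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.ECGenParameterSpec;
import java.util.Arrays;
import javax.crypto.KeyAgreement;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

// Added example (hypothetical class and method names).
public class EcdhToAesKey {

    // Hash the raw ECDH output, keep the first 16 bytes, wrap them as an AES key.
    static SecretKey deriveAesKey(PrivateKey ownPrivate, PublicKey peerPublic) throws Exception {
        KeyAgreement agreement = KeyAgreement.getInstance("ECDH");
        agreement.init(ownPrivate);
        agreement.doPhase(peerPublic, true);
        byte[] shared = agreement.generateSecret();   // raw shared secret, never used as a key directly

        byte[] digest = MessageDigest.getInstance("SHA-256").digest(shared); // step 1
        byte[] keyBytes = Arrays.copyOf(digest, 16);                         // step 2: AES-128

        // Wipe intermediate secrets that are no longer needed.
        Arrays.fill(shared, (byte) 0);
        Arrays.fill(digest, (byte) 0);

        return new SecretKeySpec(keyBytes, "AES");                           // step 3
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator generator = KeyPairGenerator.getInstance("EC");
        generator.initialize(new ECGenParameterSpec("secp256r1")); // assumed curve
        KeyPair alice = generator.generateKeyPair();
        KeyPair bob = generator.generateKeyPair();

        // Each side combines its own private key with the peer's public key.
        SecretKey aliceKey = deriveAesKey(alice.getPrivate(), bob.getPublic());
        SecretKey bobKey = deriveAesKey(bob.getPrivate(), alice.getPublic());

        // Constant-time comparison of the two derived keys.
        if (!MessageDigest.isEqual(aliceKey.getEncoded(), bobKey.getEncoded())) {
            throw new IllegalStateException("derived AES keys differ");
        }
        System.out.println("Both sides derived the same " + aliceKey.getEncoded().length + "-byte AES key");
    }
}
```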