edx
| Crates.io | edx |
| lib.rs | edx |
| version | 0.1.0 |
| source | src |
| created_at | 2024-11-17 10:25:30.31897 |
| updated_at | 2024-11-17 10:25:30.31897 |
| description | ECDH key exchange using Ed25519 derived keys |
| homepage | |
| repository | https://codeberg.org/nightsail/edx.git |
| max_upload_size | |
| id | 1451088 |
| size | 28,926 |
Blair Noctis (nc7s)
documentation
README
= edx: ECDH key exchange using ECDH derived keys
https://crates.io/crates/edx[image:https://img.shields.io/crates/v/edx?style=for-the-badge&logo=rust[crates.io]] https://docs.rs/edx[image:https://img.shields.io/docsrs/edx?style=for-the-badge[docs.rs]]
This is a toy project, it has NOT been subject to any cryptographic analysis or audit.
DO NOT USE IT IN ACTUAL COMMUNICATIONS YET!
== What
Derive from Ed25519 keys and use these derived keys for ECDH key exchange.
See https://docs.rs/edx[docs] and an link:./examples/simple.rs[example] for its usage; and its link:./edx.en.adoc[specification].
Currently only key types from https://crates.io/crates/ed25519-dalek[ed25519-dalek] are supported. More could be added.
== Why
Before Alice and Bob can begin encrypted communication, they must exchange encryption keys. They could do it in advance, giving each other a pre-generated key; or they could do it "just in time", just before the message(s) to be encrypted. Traditionally, non-interactive communications go with the former, and interactive ones go with the latter.
Interactive cases can get away with that; Alice and Bob are going to talk for many rounds, so one more round beforehand doesn't matter. On the other hand, non-interactive cases are annoyed by the the pre-generated keys: there is one more key to manage (in addition to the signing key), which has to be signed, so that's three pieces of data in one "key distribution"; their static nature means all communications are encrypted with the same shared key, which is frowned upon.
We attempt to solve this problem by introducing derived, "ephemeral" keys: instead of being pre-generated, encryption keys are derived from the signing key "just in time". There's only one key to distribute, and encryption keys are different every time.
== How
Details are laid out in the link:./edx.en.adoc[spec]. Basically, first derive Alice's secret key, by adding the derive factor, as a clamped and reduced scalar, and derive Bob's public key, by adding the corresponding point of that scalar; then it's just plain old ECDH.
== Acknowledgements
Thanks to the authors of the {curve25519,ed25519,x25519}-dalek crates, the first of which does all the heavy lifting. Without them this project would not exist.