This library implements Elliptical Curve Integrated Encryption System (ECIES), as specified by SEC 1: Elliptic Curve Cryptography, Version 2.0.
ECIES is a public-key encryption scheme based on ECC. It is designed to be semantically secure in the presence of an adversary capable of launching chosen-plaintext and chosen-ciphertext attacks.
ECIES can be used to encrypt messages to bitcoin addresses with public keys published on the blockchain, and subsequently to decrypt messages by the holders of the address's private key.
This library is distributed as a gem named ecies at RubyGems.org. To install it, run:
gem install ecies
First, require the gem:
require 'ecies'
Intitlialize a key and a Crypt object.
key = OpenSSL::PKey::EC.generate('secp256k1')
crypt = ECIES::Crypt.new
Next, we'll encrypt a message. Although in this example our key contains both the private and public components, you only need the key to contain the public component to encrypt a message.
encrypted = crypt.encrypt(key, 'secret message')
Finally, decrypt the message. In order to decrypt, the key must contain the private component.
crypt.decrypt(key, encrypted) # => "secret message"
Bitcoin P2PKH addresses themselves contain only hashes of public keys (hence the name, pay-to-public-key-hash). However, any time a P2PKH output is spent, the public key associated with the address is published on the blockchain in the transaction's scriptSig. This allows you to encrypt a message to any bitcoin address that has sent a transaction (or published its public key in other ways). To demonstrate this, we'll encrypt a message to Satoshi's public key from Bitcoin's genesis block:
public_key = ECIES::Crypt.public_key_from_hex(
"04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb"\
"649f6bc3f4cef38c4f35504e51ec112de5c384df7ba0b8d578a4c702b6bf11d5f")
encrypted = ECIES::Crypt.new.encrypt(public_key, 'secret message')
To decrypt this message, Satoshi would follow these steps:
private_key = OpenSSL::PKey::EC.new("<PEM/DER encoded private key for genesis block>")
ECIES::Crypt.new.decrypt(private_key, encrypted) # => "secret message"
By default, when constructing a new ECIES::Crypt object, it will use the following parameters for ECIES:
These defaults work well for encrypting messages to bitcoin keys. This library also supports alternate algorithms as described in the below 'Compatibility' section. In order to utilize these other algorithms, initialize an ECIES::Crypt object with alternate parameters (see the ECIES::Crypt.new documentation for details). The Crypt object must be initialized with the same parameters when encrypting and decrypting messages.
The sec1-v2 document allows for many combinations of various algorithms for ECIES. This library only supports a subset of the allowable algorithms:
In addition, the following options have been chosen:
Ruby 2.0 and above.
Bug reports and pull requests welcome! I happily accept any feedback that can improve this library's security.
While I have taken every effort to make this library as secure as possible, it is still an early version and has not yet been reviewed by a wide audience. Use at your own risk.
For complete documentation, see the ECIES page on RubyDoc.info.
FAQs
Unknown package
We found that ecies demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.