Created
January 31, 2019 17:11
How to set up a secure way to exchange data in an insecure P2P environment using elliptic curve cryptography
// Third-party modules used by this spec file:
//   aes256   - passphrase-based symmetric encrypt/decrypt helper
//   elliptic - elliptic-curve primitives; only its `ec` class is used
//   chai     - provides the `expect` assertion style
const aes256 = require('aes256');
// const pbkdf2 = require('pbkdf2');
const EC = require('elliptic').ec;
const expect = require('chai').expect;

// Demo-only fixtures shared by the suites in this file. A hard-coded
// passphrase is fine for a test, but it must never be reused as a real key.
const key = 'my passphrase';
const plaintext = 'my plaintext message';

// Inputs for the disabled PBKDF2 example further down.
// const MASTER_PASSWORD = 'cornflake12';
// const SALT = '2019-01-29T21:54:56.015Z';
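describe('aes256', () => {
  // Standard symmetric encryption and decryption using a static key (secret).
  //
  // NOTE(review): a successful round trip only shows that decrypt() inverts
  // encrypt(); it says nothing about integrity. The aes256 package is
  // documented as AES-256-CTR, which is unauthenticated - confirm this for the
  // installed version, and add a MAC or switch to an AEAD mode where
  // tampering with the ciphertext matters.
  it('should encrypt and decrypt message', () => {
    const encrypted = aes256.encrypt(key, plaintext);

    // Without this check a no-op "cipher" that returns its input unchanged
    // would still satisfy the round-trip assertion below.
    expect(encrypted).to.not.equal(plaintext);

    const decrypted = aes256.decrypt(key, encrypted);
    expect(decrypted).to.equal(plaintext);
  });
});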
// Disabled PBKDF2 example.
// NOTE: the iteration count of 1 below provides no key stretching, and the
// salt is a fixed timestamp rather than a random value; both are placeholders
// for the demo, not parameters to reuse.
// describe('aes256', () => {
//   it('derive a key from master password and salt', () => {
//     const derivedKey = pbkdf2.pbkdf2Sync(
//       MASTER_PASSWORD,
//       SALT,
//       1,
//       32,
//       'sha512'
//     );
//     console.log(derivedKey.toString('hex'));
//     expect(derivedKey.toString('hex')).to.equal(
//       '9eac7f86e3fc92f9455bde5b01718eeb23fc86b88fd0328be292c445e41877ae'
//     );
//   });
// });
// Elliptic Curve Cryptography
// For a high-level explanation see https://www.youtube.com/watch?v=yDXiDOJgxmg
//
// The purpose is to set up a secure way to exchange data in an insecure P2P environment
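describe('elliptic::ec', () => {
  // ECDH shared secrets as seen by each party (BigNum instances).
  let shared1;
  let shared2;

  // PART 1: Key Generation
  //
  // Done in a `before` hook so that the encryption test does not depend on
  // the key-agreement test having run first (e.g. under `it.only` or a grep
  // filter the shared secrets would otherwise be undefined).
  //
  // NOTE(review): both public keys are handed over in-process here. Across a
  // real P2P link a bare ECDH exchange does not authenticate the peer, so the
  // public keys must be verified out of band or signed with a long-term
  // identity key; otherwise an active man-in-the-middle can substitute its
  // own keys.
  before(() => {
    const ec = new EC('p521');

    // Generate keys
    const key1 = ec.genKeyPair();
    const key2 = ec.genKeyPair();

    // Derive shared keys to exchange data.
    // Alice's key for symmetric encryption/decryption
    shared1 = key1.derive(key2.getPublic());
    // Bob's key for symmetric encryption/decryption
    shared2 = key2.derive(key1.getPublic());
  });

  it('should generate 2 identical shared keys to exchange data', () => {
    // Derived keys are the same and therefore can be used for symmetric
    // encryption/decryption.
    expect(shared1.toString(16)).to.equal(shared2.toString(16));
  });

  it('should encrypt and decrypt message using respective keys', () => {
    // PART 2: Secure Exchanges of Data
    //
    // NOTE(review): the raw ECDH output is used directly as the aes256
    // passphrase, as a hex string. toString(16) does not pad, so the string
    // length can vary, but both sides format it identically and still agree.
    // Outside a demo, run the shared secret through a proper KDF (e.g. HKDF
    // with context info) and use authenticated encryption.
    const aliceSecret = shared1.toString(16);
    const bobSecret = shared2.toString(16);

    // Alice encrypts a message, Bob decrypts it
    const encMsg1 = aes256.encrypt(aliceSecret, plaintext);
    const decMsg1 = aes256.decrypt(bobSecret, encMsg1);
    expect(decMsg1).to.equal(plaintext);

    // Bob encrypts a message, Alice decrypts it
    const encMsg2 = aes256.encrypt(bobSecret, plaintext);
    const decMsg2 = aes256.decrypt(aliceSecret, encMsg2);
    expect(decMsg2).to.equal(plaintext);
  });
});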