Question
I'm a beginner to ECC crypto programming. Can anyone explain to me the difference between using ECDH for shared key exchange and using ECIES by encrypting the shared key with the public key of the receiver? I feel that ECIES could also provide me secure key exchange as long as the private key is kept secret. Thank you.
Answer 1:
ECDH is a shared-secret derivation protocol. Two parties use knowledge of their own "private key" and their partner's "public key" to generate a shared secret. Generally the private keys are random numbers used for the key negotiation, and then discarded.
ECIES uses the same scheme as ECDH to generate a "shared secret", where one of the "private keys" is a random number, and its corresponding public key is included in the message itself. This means that the shared secret is derivable only by the person with the other private key. The message itself is then encrypted with some other scheme like AES, using the shared secret as the key.
If you're doing key negotiation, ECDH is the way to go. (Mandatory note: Of course, you shouldn't roll your own crypto for a production system, just use TLS.)
Source: https://stackoverflow.com/questions/30667626/key-exchange-using-ecdh-vs-ecies
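
The two constructions the answer describes, side by side, as an added example that is not part of the original question or answer. It assumes the Python `cryptography` package and the P-256 curve; the HKDF step, the choice of AES-GCM, the `info` labels and the message layout (ephemeral public key, nonce, ciphertext) are assumptions of this sketch, not a standard ECIES encoding.

```python
import os
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.hazmat.primitives.ciphers.aead import AESGCM
from cryptography.hazmat.primitives.kdf.hkdf import HKDF
from cryptography.hazmat.primitives.serialization import Encoding, PublicFormat

CURVE = ec.SECP256R1()
POINT_LEN = 65  # uncompressed P-256 point: 0x04 || X || Y

def kdf(shared_secret: bytes, info: bytes) -> bytes:
    # Assumption of this sketch: derive the AES key from the raw ECDH output with HKDF.
    hkdf = HKDF(algorithm=hashes.SHA256(), length=32, salt=None, info=info)
    return hkdf.derive(shared_secret)

def ecdh_session_key(my_private, peer_public) -> bytes:
    # Interactive agreement: each side combines its own private key with the
    # partner's public key, and both arrive at the same secret.
    return kdf(my_private.exchange(ec.ECDH(), peer_public), b"example ecdh session")

def ecies_encrypt(recipient_public, plaintext: bytes) -> bytes:
    # One pass: the sender's "private key" is a fresh random number and the
    # matching public key travels inside the message.
    ephemeral = ec.generate_private_key(CURVE)
    key = kdf(ephemeral.exchange(ec.ECDH(), recipient_public), b"example ecies")
    eph_pub = ephemeral.public_key().public_bytes(
        Encoding.X962, PublicFormat.UncompressedPoint)
    nonce = os.urandom(12)
    # The ephemeral public key is bound to the ciphertext as associated data.
    return eph_pub + nonce + AESGCM(key).encrypt(nonce, plaintext, eph_pub)

def ecies_decrypt(recipient_private, message: bytes) -> bytes:
    eph_pub = message[:POINT_LEN]
    nonce = message[POINT_LEN:POINT_LEN + 12]
    ciphertext = message[POINT_LEN + 12:]
    sender_public = ec.EllipticCurvePublicKey.from_encoded_point(CURVE, eph_pub)
    key = kdf(recipient_private.exchange(ec.ECDH(), sender_public), b"example ecies")
    return AESGCM(key).decrypt(nonce, ciphertext, eph_pub)  # InvalidTag if modified

def demo():
    # Constructed key pairs for two parties.
    alice, bob = ec.generate_private_key(CURVE), ec.generate_private_key(CURVE)
    k_alice = ecdh_session_key(alice, bob.public_key())
    k_bob = ecdh_session_key(bob, alice.public_key())
    message = ecies_encrypt(bob.public_key(), b"wrapped session key")
    return k_alice == k_bob, ecies_decrypt(bob, message)
```

In the ECDH path both parties contribute a key pair and exchange public keys; in the ECIES path only the recipient's public key is needed up front, and anyone holding it can produce a message that only the recipient's private key opens.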