椭圆曲线密码学限制为20字节

Question

I've been trying to switch from RSA to ECC in my code. At first, I tried using Bouncycastle, but I was having difficulties getting named curves to work. None of the sample code I found was working.

So I tried JECC and it worked just fine, except for one problem. When using the "secp256r1" curve, I could only encode 20 bytes, 160 bits, before it gave me an "index out of range" error.

Is this a limitation with JECC, Elliptic Curves in general, or maybe my own code? I tried researching the problem online and can't find any reference to how much data a 256 bit ECC key can encode. With RSA, I could encode any data smaller then the key used.

Additionally, how important is data padding with ECC? I couldn't find any information on standard padding practices with ECC.

Thank you in advance for your help.

EDIT: Here is my code in case you were wondering. I slightly modified the original JACC code so there aren't any typecasts.

ECCryptoSystem cs = new ECCryptoSystem(new EllipticCurve(new secp256r1()));

t1=System.currentTimeMillis();
ECKey sk = cs.generateKey(); // secure key
ECKey pk = sk.getPublic(); // public key
t2=System.currentTimeMillis();
System.out.println("Generated keys in "+(t2-t1)+"ms.");

for(int c=0;c<10;c++){
    t1=System.currentTimeMillis();
    byte[] s1=args[0].getBytes();
    byte[] s2=cs.encrypt(s1,args[0].length(),pk);
    byte[] s3=cs.decrypt(s2,sk);
    t2=System.currentTimeMillis();

    if(Arrays.equals(s1,s2)){System.out.println("Bad encryption!");}
    if(!Arrays.equals(s1,s3)){System.out.println("Bad decryption!");}

    String decoded = new String(s3, "UTF-8");
    System.out.println("loop "+(c+1)+": \""+decoded+"\" ("+decoded.length()+" Characters) in "+(t2-t1)+"ms.");
}

And here's how I ran it:

$ java Mecc "This is a good test."
Generated keys in 397ms.
loop 1: "This is a good test." (20 Characters) in 208ms.
loop 2: "This is a good test." (20 Characters) in 107ms.
loop 3: "This is a good test." (20 Characters) in 69ms.
loop 4: "This is a good test." (20 Characters) in 68ms.
loop 5: "This is a good test." (20 Characters) in 73ms.
loop 6: "This is a good test." (20 Characters) in 59ms.
loop 7: "This is a good test." (20 Characters) in 64ms.
loop 8: "This is a good test." (20 Characters) in 58ms.
loop 9: "This is a good test." (20 Characters) in 60ms.
loop 10: "This is a good test." (20 Characters) in 60ms.
$ java Mecc "This is a good test.."
Generated keys in 555ms.
Error: java.lang.ArrayIndexOutOfBoundsException: 20

FYI: You can see how the JIT compiler speeds things up after a few loops.

Another EDIT: I just stepped through the JECC code and found something interesting:

hash = MessageDigest.getInstance("SHA-1");
...
byte[] digest = hash.digest();
for(int j = 0; j < numbytes; j++) {
    res[j+ek.mother.getPCS()]=(byte) (input[j]^digest[j]);
}

It seems the data is xored against the hash. If I change the "SHA-1" to "SHA-256", I no longer get the error.

Now I'm not a cryptographer, and I'd rather not change the core functionality of JECC, but is this a valid solution?

Answer 1

The reason why JECC only encrypts 20 bytes of plaintext is that during encryption process it tries to XOR the input with digest value. The digest length of SHA-1 used by JECC is 160 bits(20 bytes).

Also JECC doesn't encrypt the data using ECC, rather it's a prototype of ECIES, which involves generating symmetric key using ECC Diffie Hellman key exchange and than using any custom symmetric encryption algorithm.