Author

Topic: Using the same EC key for both ECDSA and ECIES? (Read 1078 times)

legendary
Activity: 3920
Merit: 2349
Eadem mutata resurgo
November 02, 2014, 06:19:38 AM
#2
Quote
This would require that the same EC key be used for both signing and encryption where ECIES is used for encryption. Is there currently sufficient reason to believe that this should be avoided? Or is there specific reason to believe that it is safe?
If there is only a small risk of it being insecure then it might be outweighed by the benefit of completely passive client operation.

Maybe better ask this specific question in Development and Technical. For RSA, the rule of thumb is NOT to use same key for signing and encryption but it depends on specific use and ECC could be different too.
sr. member
Activity: 249
Merit: 251
I have begun mentally planning to add a new address format to Bitmessage which has the public key encoded right in the bitmessage address. This comes at the behest of gmaxwell. It's a good idea. It would allow a Bitmessage user who receives messages to remain completely passive, and thus anonymous, even against a global attacker who can listen and even modify traffic on any or all individual Internet connections.

But
This would require that the same EC key be used for both signing and encryption where ECIES is used for encryption. Is there currently sufficient reason to believe that this should be avoided? Or is there specific reason to believe that it is safe?
If there is only a small risk of it being insecure then it might be outweighed by the benefit of completely passive client operation.

-Atheros
Jump to: