ECIES
Electrum ECIES is a protocol for exchanging encrypted data between parties. It has been commonly used in many applications. The SDK's native encryption is the preferred approach for new applications (due to its use of GCM over CBC and the additional layers of security described below), but legacy systems still use ECIES, and this guide demonstrates how it can be done.
In ECIES, a message can be encrypted directly to the public key of the recipient, either from your private key or from a random private key. The public key can either be included or excluded from the message. Check out the below examples:
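The envelope for the case where the sender's public key is included, written as an added example in plain Node.js; it is not code from the SDK or from this guide. It assumes the Electrum "BIE1" layout (magic, 33-byte compressed sender key, AES-128-CBC ciphertext, HMAC-SHA256 tag, with IV and keys taken from SHA-512 of the compressed ECDH point), and every function name in it is hypothetical rather than SDK API.

```javascript
const crypto = require('crypto'); // added illustration of Electrum "BIE1" ECIES, not SDK code
const P = 2n ** 256n - 2n ** 32n - 977n; // secp256k1 field prime
const N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141n; // group order
const G = [0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798n,
           0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8n];
const mod = (a) => ((a % P) + P) % P;
function modpow(b, e, r = 1n) {
  for (b = mod(b); e > 0n; e >>= 1n, b = mod(b * b)) if (e & 1n) r = mod(r * b);
  return r;
}
const inv = (a) => modpow(a, P - 2n);
function add(A, B) { // affine point addition; null is the point at infinity
  if (!A || !B) return A || B;
  const [x1, y1] = A, [x2, y2] = B;
  if (x1 === x2 && mod(y1 + y2) === 0n) return null;
  const m = x1 === x2 ? mod(3n * x1 * x1 * inv(2n * y1)) : mod((y2 - y1) * inv(x2 - x1));
  const x3 = mod(m * m - x1 - x2);
  return [x3, mod(m * (x1 - x3) - y1)];
}
function mul(k, A, R = null) { // double-and-add; not constant-time, for study only
  for (; k > 0n; k >>= 1n, A = add(A, A)) if (k & 1n) R = add(R, A);
  return R;
}
const toBytes = ([x, y]) => Buffer.from((y & 1n ? '03' : '02') + x.toString(16).padStart(64, '0'), 'hex');
function toPoint(buf) { // decompress, rejecting malformed or off-curve keys
  const x = BigInt('0x' + buf.subarray(1).toString('hex')), rhs = mod(x ** 3n + 7n);
  const y = modpow(rhs, (P + 1n) / 4n);
  if (buf.length !== 33 || (buf[0] | 1) !== 3 || x >= P || mod(y * y) !== rhs) throw new Error('bad key');
  return (y & 1n) === BigInt(buf[0] & 1) ? [x, y] : [x, P - y];
}
function keys(priv, pubBytes) { // SHA-512 of the compressed ECDH point -> IV, AES key, MAC key
  const k = crypto.createHash('sha512').update(toBytes(mul(priv, toPoint(pubBytes)))).digest();
  return { iv: k.subarray(0, 16), kE: k.subarray(16, 32), kM: k.subarray(32) };
}
const hmac = (key, data) => crypto.createHmac('sha256', key).update(data).digest();
const randomKey = () => 1n + BigInt('0x' + crypto.randomBytes(40).toString('hex')) % (N - 1n);
function encrypt(msg, recipientPub, senderPriv = randomKey()) { // fixed senderPriv => same IV and keys every time
  const { iv, kE, kM } = keys(senderPriv, recipientPub);
  const c = crypto.createCipheriv('aes-128-cbc', kE, iv);
  const body = Buffer.concat([Buffer.from('BIE1'), toBytes(mul(senderPriv, G)), c.update(msg), c.final()]);
  return Buffer.concat([body, hmac(kM, body)]); // Electrum base64-encodes this blob
}
function decrypt(blob, recipientPriv) { // authenticate first, then decrypt
  if (blob.length < 85 || blob.subarray(0, 4).toString() !== 'BIE1') throw new Error('bad envelope');
  const body = blob.subarray(0, -32), { iv, kE, kM } = keys(recipientPriv, body.subarray(4, 37));
  if (!crypto.timingSafeEqual(blob.subarray(-32), hmac(kM, body))) throw new Error('bad MAC');
  const d = crypto.createDecipheriv('aes-128-cbc', kE, iv);
  return Buffer.concat([d.update(body.subarray(37)), d.final()]);
}
```

Passing your own private key as `senderPriv` makes the output deterministic for a given recipient and message, because the IV and both keys then depend only on the two long-term keys; the default random key avoids that.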
This guide has shown how to use Electrum ECIES encryption. While this approach has been used by many legacy systems, the SDK's native encryption has the following benefits:
Use of GCM over CBC: While this is not a security risk, GCM supports range-based encryption and decryption. This may make it better than CBC if you need to send parts of a large encrypted dataset over the network.
Additional Security Layer: The native SDK implementation, based on , employs an additional layer of security by utilizing a one-off ephemeral key for the encryption process. Even if the key for a particular message is discovered, it does not compromise the private keys of either of the parties. Different keys are used for every message, adding an additional step for attackers.
Incompatibility with BRC-43 Invoice Numbers: The native approach is fully compatible with invoice numbers, and the encryption process, making it possible for users of the able to natively use the system under their MetaNet identities. ECIES is not compatible with these standards.
Despite these drawbacks, Electrum ECIES remains a fundamentally secure and robust encryption scheme.