Introduction
ECC based Encryption/Decryption in JS/wasm and python based app.
[ecc, wasm, js, python, rust]
This is a demo project on encrypted communication between UI & backend over http/s, and delegating all heavy lifting(encryption in this case) to wasm binary compiled from ecies rust crate(https://docs.rs/ecies/0.2.1/ecies). The js binding for ecies wasm binary is handled with ecies-wasm npm package.
UI is built with reactjs and backend is a flask based api server. Encryption scheme being used: ecies(ECC based hybrid encryption).
Workflow:
How ecies works?
src: https://cryptobook.nakov.com/asymmetric-key-ciphers/ecies-public-key-encryption
- We start with
V(senders pub-key) andm(plaintext message) - A pair of ephemeral keypair is generated.
U(public key),u(private key) - A
shared-secretis generated byV * u. Payload is encrypted withk_ENC(symmetric key derived fromshared-secret). Here*is EC Point multiplication over finite fields(galios).
The whole deal about ECDH is, this
shared-secretwill be equal toU * v(senders private key)
- The final encrypted payload is :
U, ciphertext(mac code, encrypted plaintext_message)
Performance of ecies lies in:
- we only used symmetric encryption once,
- and just relied on ECDH.
- No expensive assymetric encryption at all.
How to start:
- Use docker compose. UI at: http://localhost:8999/
OR
- Run server:
- Generate privyte key with
python eciespy_demo.py, save content asflask-app/keys/private.ec.keycd flask-app python3 -m venv venv source venv/bin/activate pip install -r requirements.txt python app.py
- Generate privyte key with
- Run UI:
- Update server
hosturl inapi.jscd ui-react-webapck yarn yarn start
- Update server
Demo example:
- Get
age,msgas input, create JSON payload, encrypt using Public Key, convert encrypted data to base64. - call
POST /datawith payload - Server decrypts base64 encoded payload, decrypts using private-key, send
age,msgback in response.