ECCSI (Elliptic Curve-Based Certificateless Signatures for Identity-Based Encryption) is specified in RFC 6507 (https://tools.ietf.org/html/rfc6507).
In Identity-Based cryptography, there is a Key Management Service that generates keys based on an identity for a client. The private key (SSK) and public key (PVT) are delivered to the signer and the public key (PVT) only delivered to the verifier on request.
wolfCrypt offers the ability to:
- Create KMS keys,
- Generate signing key pairs,
- Validate signing key pairs,
- Sign messages and
- Verify messages.
KMS:
- Initialize ECCSI Key: wc_InitEccsiKey()
- Make and save or load ECCSI Key:
- wc_MakeEccsiKey(), wc_ExportEccsiKey(), wc_ExportEccsiPublicKey() or
- wc_ImportEccsiKey()
- Wait for request:
- Receive signing ID from client.
- Generate signing key pair from ID: wc_MakeEccsiPair()
- Encode result:
- For signer, signing key pair: wc_EncodeEccsiPair()
- Send KPAK and result
- Free ECCSI Key: wc_FreeEccsiKey()
Client, signer:
- Initialize ECCSI Key: wc_InitEccsiKey()
- (When signing pair not cached) Request KPAK and signing pair from KMS
- Send signing ID to KMS.
- Receive signing key pair from KMS.
- Load KMS Public Key: wc_ImportEccsiPublicKey()
- Decode signing key pair: wc_DecodeEccsiPair()
- Validate the key pair: wc_ValidateEccsiPair()
- (If not done above) Load KMS Public Key: wc_ImportEccsiPublicKey()
- (If not cached) Calculate hash of the ID and PVT: wc_HashEccsiId()
- For each message:
- Set Hash of Identity: wc_SetEccsiHash()
- Sign message: wc_SignEccsiHash()
- Send hash ID, message and signature to peer.
- Free ECCSI Key: wc_FreeEccsiKey()
Client, verifier:
- Receive hash ID, message and signature from signer.
- Request KPAK (if not cached) and PVT (if not cached) for hash ID from KMS.
- Receive KPAK (if not cached) and PVT (if not cached) for hash ID from KMS.
- Initialize ECCSI Key: wc_InitEccsiKey()
- Load KMS Public Key: wc_ImportEccsiPublicKey()
- Decode PVT: wc_DecodeEccsiPvtFromSig()
- Calculate hash of the ID and PVT: wc_HashEccsiId()
- Set ECCSI key pair: wc_SetEccsiPair()
- Verify signature of message: wc_VerifyEccsiHash()
- Free ECCSI Key: wc_FreeEccsiKey()