The Ease of Public Key and Power of Symmetric Key: Meet Hybrid Encryption with Google Tink (ECIES)

Using public key and secret key

A demo of the method is here.

Google has released Tink, a multi-language, cross-platform cryptographic library. Hybrid encryption is a combination of symmetric key encryption and public key encryption. We encrypt the message with a newly created symmetric key, and then encrypt this key with the public key of the recipient. The most popular public key method is elliptic curve with Curve 25519, and the most popular symmetric method is AES.

Outline of method

With the Elliptic Curve Integrated Encryption Scheme (ECIES), Alice generates a random private key (dA), then takes a point on an elliptic curve (G) and determines her public key (QA):

QA=dA×G

G and QA are thus points on an elliptic curve. Alice then sends QA to Bob. Next Bob will generate:

R=r×G

S=r×QA

where r is a random number generated by Bob. The symmetric key (S) is then used to encrypt a message.

Alice will then receive the encrypted message along with R. She is then able to determine the same encryption key with:

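The key agreement outlined above, as an added example (not from the original article and not Tink's code): pure-Python arithmetic on NIST P-256, an assumed curve, showing that Alice's dA × R gives the same key as Bob's r × QA, with a check that the received R lies on the curve before it is used. The function names, the HKDF step and its `ecies-demo` label are this example's own choices, and the AES encryption of the message itself is left out.

```python
import hashlib, hmac, secrets

# NIST P-256 domain parameters (the curve is this example's assumption).
P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
A, B = P - 3, 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
N = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551
G = (0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
     0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5)

def on_curve(pt):  # finite, in-range point with y^2 = x^3 + ax + b (mod p)
    ok = pt is not None and all(0 <= c < P for c in pt)
    return ok and (pt[1] ** 2 - pt[0] ** 3 - A * pt[0] - B) % P == 0

def add(p1, p2):  # affine point addition; None is the point at infinity
    if p1 is None or p2 is None:
        return p1 or p2
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    num, den = (3 * x1 * x1 + A, 2 * y1) if p1 == p2 else (y2 - y1, x2 - x1)
    m = num * pow(den % P, -1, P) % P
    x3 = (m * m - x1 - x2) % P
    return (x3, (m * (x1 - x3) - y1) % P)

def mul(k, pt):  # double-and-add k x pt; textbook code, not constant time
    acc = None
    for bit in bin(k)[2:]:
        acc = add(acc, acc)
        if bit == "1":
            acc = add(acc, pt)
    return acc

def derive_key(S, R):
    """HKDF-SHA256 (one output block) over R's encoding and S's x-coordinate."""
    ikm = b"".join(v.to_bytes(32, "big") for v in (*R, S[0]))
    prk = hmac.new(b"\x00" * 32, ikm, hashlib.sha256).digest()
    return hmac.new(prk, b"ecies-demo\x01", hashlib.sha256).digest()

def bob_encapsulate(QA):
    """Bob: random r, then R = r x G and S = r x QA; returns (R, key)."""
    r = secrets.randbelow(N - 1) + 1
    R = mul(r, G)
    return R, derive_key(mul(r, QA), R)

def alice_decapsulate(dA, R):
    """Alice: reject an off-curve R, then recompute S = dA x R."""
    if not on_curve(R):
        raise ValueError("ephemeral point R is not on the curve")
    return derive_key(mul(dA, R), R)
```

The 32-byte result would key an authenticated cipher such as AES-GCM; Bob sends R alongside the ciphertext.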

Prof Bill Buchanan OBE FRSE
ASecuritySite: When Bob Met Alice