## Simple Elliptic Curve Cryptography in Python compatible with `seccure`

Instead of RSA, you can use an Elliptic Curve algorithm for public/private key cryptography. The main advantage is that keys are a lot smaller. With RSA you need keyservers to distribute public keys. With Elliptic Curves, you can just write: my public key is `*jMVCU^[QC&q*v_8C1ZAFBAgD`.

There are two drawbacks: first, Elliptic Curve cryptography is even harder to understand than plain RSA and secondly, there are only a few implementation of Elliptic Curve cryptography. In fact: I did not find any maintained Elliptic Curve package for Python.

Thus I wrote a Python package compatible with the excellent commandline utility seccure written by Poettering. Here are some examples of how to use the original commandline `seccure` and how to do the same thing in Python.

For a private key, you just pick a (long!) password. You can derive the public key with `seccure` as follows:

```\$ seccure-key Assuming curve p160. Enter private key: my private key The public key is: 8W;>i^H0qi|J&\$coR5MFpR*Vn ```

In Python

```>>> import seccure >>> str(seccure.passphrase_to_pubkey(b'my private key')) '8W;>i^H0qi|J&\$coR5MFpR*Vn'```

Now, to encrypt a message for the public key:

```\$ seccure-encrypt -o private.msg '8W;>i^H0qi|J&\$coR5MFpR*Vn' Assuming MAC length of 80 bits. Go ahead and type your message ... This is a very secret message! ^D```

In Python:

```>>> ciphertext = seccure.encrypt(b'This is a very secret message\n', b'8W;>i^H0qi|J&\$coR5MFpR*Vn') >>> ciphertext '\x00\x146\x17\xe9\xc1\x1a\x7fkX\xec\xa0n,h```

To decrypt the encrypted message:

```\$ seccure-decrypt -i private.msg Assuming MAC length of 80 bits. Assuming curve p160. Enter private key: my private key This is a very secret message! Integrity check successful, message unforged!```

In Python:

```>>> seccure.decrypt(ciphertext, b'my private key') 'This is a very secret message\n'```

To create a signature

```\$ seccure-sign Assuming curve p160. Enter private key: my private key Go ahead and type your message ... This message will be signed ^D Signature: \$HPI?t(I*1vAYsl\$|%21WXND=6Br*[>k(OR9B!GOwHqL0s+3Uq```

In Python:

```>>> seccure.sign(b'This message will be signed\n', b'my private key') '\$HPI?t(I*1vAYsl\$|%21WXND=6Br*[>k(OR9B!GOwHqL0s+3Uq'```

And to verify a signature:

```\$ seccure-verify '8W;>i^H0qi|J&\$coR5MFpR*Vn' '\$HPI?t(I*1vAYsl\$|%21WXND=6Br*[>k(OR9B!GOwHqL0s+3Uq' Go ahead and type your message ... This message will be signed ^D Signature successfully verified!```

In Python:

```>>> seccure.verify(b'This message will be signed\n', b'\$HPI?t(I*1vAYsl\$|%21WXND=6Br*[>k(OR9B!GOwHqL0s+3Uq', b'8W;>i^H0qi|J&\$coR5MFpR*Vn') True```

You can find the Python library on Github.

Update: added support for Python 2.6, 2.7, 3.2 and 3.3.