nRF5 SDK  v15.2.0
ECDH Example

The ECDH example demonstrates a basic shared secret exchange procedure. The example involves two parties: Alice and Bob. The communication channel between them is simulated and assumed to be insecure; the transmitted messages are visible on a terminal.

Alice demonstrates a scheme where private and public keys are predefined and constant. On the other hand, Bob demonstrates how to generate a private and public key pair each time ECDH is performed. Curve secp256r1 was selected for this example as it is implemented by all backends.

The example is divided into four steps:

  1. Alice's preparation step.
    In this step, Alice sends her predefined public key (in raw format) to Bob via a non-secure channel.
  2. Bob's preparation step.
    In this step, Bob generates a new pair of keys. He saves the private key for later use. After that, he converts the public key to raw format and sends it to Alice.
  3. Alice's computation step.
    Alice receives the raw public key from Bob and converts it to internal library representation. Then, she performs ECDH computation using the public key from Bob and her predefined private key.
  4. Bob's computation step.
    Bob receives the raw public key from Alice and converts it to internal library representation. Then, he performs ECDH computation using the public key from Alice and his private key generated in the previous step.
Note
This example can run in software or hardware, depending on the supported features of your SoC. It uses the default backend for the specific platform, but you can test it using different backends. For more details on how to change backends, see Backends and Enabling the curves.

You can find the source code and the project file of the example in the following folder: <InstallFolder>\examples\crypto\nrf_crypto\ecdh

Testing

Test the ECDH Example application by performing the following steps:

  1. Skip this step if you are using an RTT viewer.
    Start a terminal emulator like PuTTY and connect to the used COM port with the following UART settings:
    • Baud rate: 115.200
    • 8 data bits
    • 1 stop bit
    • No parity
    • HW flow control: None
  2. Compile and program the application.
  3. Observe the terminal output showing each step of the example using an RTT viewer or a terminal emulator.
  4. Verify that both Alice and Bob have the same shared secret. Search for the following output in the final lines of the example:
    <info> app: Alice's shared secret: <shared_secret>
    <info> app: Bob's shared secret: <shared_secret>