Blockchain – Creating Elliptic Curve Keys using OpenSSL

Elliptic curve cryptography is employed to implement public key cryptography. It had been discovered by Victor Miller of IBM and Neal Koblitz of the University of Washington in 1985. ECC, popularly utilized, is an acronym for Elliptic Curve Cryptography. It’s grounded on recent mathematics and delivers a reasonably more secure foundation than the first-generation public key cryptography systems for case RSA(Rivest- Shomis- Adleman)
In 1985, cryptographic algorithms were proposed grounded on elliptic curves. An elliptic curve is a set of points that satisfy a specific mathematical equation. They’re symmetrical.
ECC is among the foremost usually used enactment methodology for digital signatures in cryptocurrencies. Both Bitcoin and Ethereum apply the Elliptic Curve Digital Signature Algorithm(ECDSA) specifically in signing trades. Yet, ECC isn’t used only in cryptocurrencies. It is a standard for encryption that will be used by maximum web operations going forward due to its shorter key length and efficacy. The article focuses on discussing creating Elliptic Curve Keys using OpenSSL. 

Elliptic Curve Keys

An elliptic curve is a key-based technique to encrypt data. Securely generating a random integer in a certain range, Basically, Elliptic Curve Cryptography has public and private keys. The private key is only available or visible or accessible to the owner, whereas the public key of the owner is accessible to the receipt as well.

• Elliptic curves need fewer bits than RSA key cryptography and provide an equal level of security to RSA.
• Implementation of elliptic curves in cryptography requires smaller chip size, less power consumption, increase in speed.

OpenSSL 

OpenSSL is an open-source command line tool that is commonly used to generate private keys, create CSRs, install your SSL/TLS certificate, and identify certificate information.

• Download OpenSSL’s required libraries from here. 
• Run the .exe file and install OpenSSL in the system.
• Open the command prompt (cmd) and redirect the path to the bin folder.

 

Implementation

Follow the steps below to create EC private keys and public keys:

Creating EC private key using OpenSSL:

Step 1: To create a private key, first select the curve you will be going to work with. Use the following command to see a list of supported curve names and descriptions.

openssl ecparam -list_curves

list of curves 

Step 2: In this example prime256v1 (secp256r1) curve is selected from the above list of curves.

curve used for key generation 

Step 3: Generate the private key using the below command:

openssl ecparam -name prime256v1 -genkey -noout -out private-key.pem

Private  key generation

The above command generates a PEM file in the bin folder containing the EC private key, which looks something like the following the below private-key.pem file:

EC private key 

Creating an EC Public Key from a Private Key Using OpenSSL:

Step 1: Use EC private key to generate another PEM, containing only the public key.

openssl ec -in private-key.pem -pubout -out public-key.pem

 

The above command should give another PEM file in the bin folder called public-key.pem, containing the public key: 

EC public key

This creates the EC private key and public keys.