Package mqv implements MQV ECC as described in "NIST Special Publication 800-56A Revision 3".
MQV is a key agreement protocol similar to Diffie-Hellman, but instead of using 2 ephemeral keys C(2e, 0s), MQV uses 2 ephemeral and 2 static keys C(2e, 2s) in the full variant. The static keys are previously distributed and will be used to authenticate the parties.
Another advantage of MQV is the "one-pass" mode C(1e, 2s) which allows senders and receivers to transmit data without a full roundtrip for the key agreement. In this case, the sender uses the static key of the other party twice (its safe to pass a key twice, once as static key and once as ephemeral key), and the receiver uses his own static key twice to decode the message.
In addition to the basic MQV primitive, this package also implements a blinded version BlindMQV, which blinds the keys before doing the computations in order to prevent side channel attacks.
Please see SP 800-56A Rev. 3 for more details.
go get github.com/mgit-at/mqv
Copyright (c) 2017 mgIT GmbH. All rights reserved. Distributed under the Apache License. See LICENSE for details.