A production-ready, pure C implementation of the Elliptic Curve Integrated Encryption Scheme (ECIES) built from scratch. This library assumes zero external dependencies, providing custom implementations for all cryptographic primitives including Big Integer arithmetic, Elliptic Curve operations, SHA-256 for Key Derivation, and AES-128-CTR for symmetric encryption.
This project serves as a comprehensive educational resource and a standalone library for understanding and implementing ECIES without relying on heavy external libraries like OpenSSL. It demonstrates the full stack of cryptographic operations required for secure public-key encryption on the secp256k1 curve.
- Zero External Dependencies: Pure C implementation logic.
-
Custom BigInt Library: Handles 256-bit integer arithmetic (
bigint256_t). -
Elliptic Curve Arithmetic: Efficient point addition, doubling, and scalar multiplication over
$y^2 = x^3 + 7$ (secp256k1). - Integrated KDF: Custom SHA-256 implementation for key derivation.
- Symmetric Encryption: AES-128 in CTR (Counter) mode for secure payload encryption.
- Performance Profiling: Includes a test driver to profile decryption performance.
- Language: C (C99 standard or later recommended)
- Compiler: GCC / Clang / MSVC
- Architecture: Optimized for 64-bit systems.
.
├── include/ # Header files
│ ├── aes.h # AES encryption definitions
│ ├── bigint.h # Big Integer structure and ops
│ ├── ec.h # Elliptic curve point definitions
│ └── sha256.h # SHA-256 context and functions
├── src/ # Source implementation
│ ├── aes.c
│ ├── bigint.c
│ ├── ec.c
│ ├── sha256.c
│ └── main.c # Demo and profiling entry point
├── ecies_test.exe # Compiled binary (Windows)
└── .gitignore- A C compiler (GCC, Clang, etc.)
To compile the project, run the following command from the root directory:
gcc src/*.c -I include -o ecies_testExecute the compiled binary:
# On Windows
./ecies_test.exe
# On Linux/macOS
./ecies_testThe main.c file demonstrates a full encryption flow:
- Bob generates a static public/private key pair.
- Alice generates an ephemeral key pair.
- Alice derives a shared secret using ECDH.
- Alice encrypts a message ("Hello Bob!...") using AES-128-CTR with a derived key.
- Bob receives the ephemeral public key and ciphertext, derives the same secret, and decrypts the message.
The included main.c runs a functional test of the encryption/decryption cycle. It also performs a profiling run, executing the decryption process 10,000 times to verify stability and performance.
This project is open-source and available under the MIT License.