# Encryption Algorithm

## ECC Algorithm

Elliptic Curve Cryptography (ECC) algorithm is a kind of asymmetric encryption algorithm. With the irreversible feature of K=k*G process (K: public key, G: base point (constant)), it can prevent solving private key from public key by brutal force. With the same length of secret key, ECC has higher security level and saves computing resource compared to other encryption algorithms such as RSA. ECC combined with other algorithms, is widely used in signing fields, i.e. ECDSA digital signature.

Same as Bitcoin, NEO adopts ECC as public key generating algorithm. NEO defines a special secp256r1-standard elliptic curve with parameters:

Prime Q: 00FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF

Parameter A: 00FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC

Parameter B: 005AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B

Base Point G：(0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296, 　　　　　0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5)

Example:

Uncompressed public key above is in single line.

Scenarios:

• Generating public key with private key

• Signing and signature verification

For more information, refer to A relatively easy to understand primer on elliptic curve cryptography .

## ECDSA signing

Elliptic Curve Digital Signature Algorithm (ECDSA) is a simulation of Digital Signature Algorithm (DSA) by ECC algorithm. Its advantage includes fast speed, reliable strength and short signature.

Brief steps are as follows:

Assume private key, public key and base point as k, K and G, respectively. We know that K = k*G according to ECC algorithm.

Signing procedure:

1. Select random number r and compute point r·G(x, y).

2. Compute s = (h + k·x)/r according to random number r, message M's hash value h, private key k.

3. Send message M and signature {r·G, s} to receiver.

Verification procedure:

2. Compute hash h according to received message.

3. Compute h·G/s + x·K/s with sender public key K and compare with r·G. Verification succeeds if both are the same.

Deduction is as follows:

Example:

public key and signature above are both in a single line.

Scenarios：

• Transaction signature.

• Consensus.

## AES Encryption

Advanced Encryption Standard (AES) is a kind of block cipher algorithm in symmetric encryption algorithms. Its block size can be 128, 192, 256. AES has the following advantages: (1) fast processing speed, (2) whole process can be described in math, (3) currently no effective cracking method.

NEO uses 256-bit AES encryption algorithm, where encryption mode is ECB and filling method is NoPadding.

Example：

1. msg,key----->passphrase-protected msg

(Message: 256-bit hash of "Hello World") + (password: 256-bit hash of "l love coding")

---->"a8158a64c1e9d776e12582d8c63553ee0c7687bd8e374f79c766e7459577f547"

1. passphrase-protected msg,key----->msg

Ciphertext + (password: 256-bit hash of "l love coding")

="a8158a64c1e9d776e12582d8c63553ee0c7687bd8e374f79c766e7459577f547"