[zeromq-dev] Is there a reasonable way to use an existing PKI and D/TLS with 0MQ?

John Lane Schultz jschultz at spreadconcepts.com
Wed Feb 14 20:11:28 CET 2018

That’s very cool that (almost) any random number can be used for the private key and the public key can be easily derived from the private one!

See?  I am quite clueless about the details of ECC. ;)


On Feb 14, 2018, at 4:05 AM, paddor <paddor at gmail.com> wrote:

Hi John,

One cool thing about Curve25519 is that, given the secret key, the public key can be derived from it. And it seems that you actually can use random bytes for the secret key (almost). Only a few bits in the first and last byte are fixed. Here is an excerpt from [1]:

> Computing secret keys. Inside your program, to generate a 32-byte Curve25519 secret key, start by generating 32 secret random bytes from a cryptographically safe source: mysecret[0], mysecret[1], ..., mysecret[31]. Then do
>     mysecret[0] &= 248;
>     mysecret[31] &= 127;
>     mysecret[31] |= 64;
> to create a 32-byte Curve25519 secret key mysecret[0], mysecret[1], ..., mysecret[31].

Of course the conversion tool would have to print the public key so you can collect those centrally.

Yes, it might be too much effort if you want to keep using the existing PKI as-is. Having used ZMQ for a while now, I'd say it's worth the effort! ;-)


[1] https://cr.yp.to/ecdh.html
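The two points made in the thread, that the secret key is just clamped random bytes and that the public key falls out of it, as an added worked example (not code from the thread, from libzmq or from cr.yp.to). It applies the three bit adjustments quoted above, derives the public key with the X25519 Montgomery ladder from RFC 7748, and Z85-encodes both keys, which is the text form ZeroMQ's CurveZMQ options expect. The function names (clamp_secret, public_key, generate_keypair, z85_encode) are this example's own. The arithmetic is plain Python integers and is not constant-time; it is meant to show what a conversion tool does, while a real tool should call libsodium or libzmq's zmq_curve_public() for the derivation.

```python
# Added example, not from the zeromq-dev thread: Curve25519 secret-key clamping
# (cr.yp.to/ecdh.html), public-key derivation via the X25519 Montgomery ladder
# (RFC 7748 section 5), and Z85 encoding (ZeroMQ RFC 32) of the result.
# Educational, variable-time arithmetic; production code should use libsodium
# or zmq_curve_public() instead.
import os

P = 2**255 - 19          # field prime for Curve25519
A24 = 121665             # (486662 - 2) / 4, the ladder constant
BASE_U = 9               # u-coordinate of the Curve25519 base point


def clamp_secret(raw: bytes) -> bytes:
    """Apply the three fixed-bit adjustments quoted in the thread."""
    if len(raw) != 32:
        raise ValueError("Curve25519 secret keys are exactly 32 bytes")
    k = bytearray(raw)
    k[0] &= 248      # clear low 3 bits: scalar becomes a multiple of the cofactor 8
    k[31] &= 127     # clear bit 255
    k[31] |= 64      # set bit 254: fixed top bit so the ladder length is constant
    return bytes(k)


def _x25519(scalar: int, u: int) -> int:
    """Montgomery ladder from RFC 7748; returns the u-coordinate of scalar * u."""
    x1, x2, z2, x3, z3 = u, 1, 0, u, 1
    swap = 0
    for t in range(254, -1, -1):            # bit 254 is the fixed top bit
        kt = (scalar >> t) & 1
        swap ^= kt
        if swap:                            # conditional swap (not constant-time here)
            x2, x3 = x3, x2
            z2, z3 = z3, z2
        swap = kt
        a, b = (x2 + z2) % P, (x2 - z2) % P
        aa, bb = a * a % P, b * b % P
        e = (aa - bb) % P
        c, d = (x3 + z3) % P, (x3 - z3) % P
        da, cb = d * a % P, c * b % P
        x3 = (da + cb) ** 2 % P
        z3 = x1 * (da - cb) ** 2 % P
        x2 = aa * bb % P
        z2 = e * (aa + A24 * e) % P
    if swap:
        x2, x3 = x3, x2
        z2, z3 = z3, z2
    return x2 * pow(z2, P - 2, P) % P       # x2 / z2 via Fermat inversion


def public_key(secret: bytes) -> bytes:
    """Derive the 32-byte public key: clamped scalar times the base point u=9."""
    k = int.from_bytes(clamp_secret(secret), "little")
    return _x25519(k, BASE_U).to_bytes(32, "little")


def generate_keypair():
    """Random 32 bytes from the OS CSPRNG, clamped, plus the derived public key."""
    secret = clamp_secret(os.urandom(32))
    return secret, public_key(secret)


Z85_ALPHABET = ("0123456789abcdefghijklmnopqrstuvwxyz"
                "ABCDEFGHIJKLMNOPQRSTUVWXYZ.-:+=^!/*?&<>()[]{}@%$#")


def z85_encode(data: bytes) -> str:
    """Z85 (ZeroMQ RFC 32): every 4 input bytes become 5 printable characters."""
    if len(data) % 4:
        raise ValueError("Z85 input length must be a multiple of 4")
    out = []
    for i in range(0, len(data), 4):
        value = int.from_bytes(data[i:i + 4], "big")
        chunk = []
        for _ in range(5):                  # least significant digit first
            value, rem = divmod(value, 85)
            chunk.append(Z85_ALPHABET[rem])
        out.extend(reversed(chunk))         # emit most significant digit first
    return "".join(out)


if __name__ == "__main__":
    # What a "conversion tool" would print: the public key is what you collect
    # centrally; the secret key stays on the host.
    sk, pk = generate_keypair()
    print("secret (Z85):", z85_encode(sk))
    print("public (Z85):", z85_encode(pk))
```

A 32-byte key Z85-encodes to 40 characters, which is the length libzmq's ZMQ_CURVE_PUBLICKEY / ZMQ_CURVE_SECRETKEY options accept as text. Clamping is idempotent, so a tool can safely clamp whatever bytes it is handed before deriving the public half.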
