Introduction to EOS Cryptography in Java
The eos-crypto-java library enables ECC (Elliptic Curve Cryptography) combined with AES encryption for secure data handling on the EOS blockchain. Below is a comprehensive guide to its implementation.
Core Features
- ECC-based asymmetric encryption (
publicEncrypt/privateDecrypt) - AES symmetric encryption for hybrid cryptographic workflows
- JDK 1.5+ compatibility
Basic Encryption/Decryption Example
String privateKey = "5KTZYCDdcfNrmEpcf97SJBCtToZjYHjHm8tqTWvzUbsUJgkxcfk";
EosPrivateKey eosPrivateKey = new EosPrivateKey(privateKey);
EosPublicKey eosPublicKey = eosPrivateKey.getPublicKey();
// Convert to EC keys
ECPrivateKey ecPrivateKey = eosPrivateKey.getECPrivateKey();
ECPublicKey ecPublicKey = eosPublicKey.getECPublicKey();
byte[] plaindata = "Sample data".getBytes("utf8");
byte[] encryptdata = ECCUtil.publicEncrypt(plaindata, ecPublicKey);
byte[] decrypteddata = ECCUtil.privateDecrypt(encryptdata, ecPrivateKey);Bidirectional ECC+AES Authentication
Scenario
- Sender: Encrypts data using receiver's public key
- Receiver: Decrypts using their private key
Code Implementation
// Key setup
String senderPrivateKey = "5KTZYCDdcfNrmEpcf97SJBCtToZjYHjHm8tqTWvzUbsUJgkxcfk";
EosPrivateKey senderKey = new EosPrivateKey(senderPrivateKey);
EosPublicKey receiverPublicKey = new EosPublicKey("EOS7ez2gagfoXw9XdW3kRx3EsCoWvupGR6u6ZJhFPEe9Q12V8JgUL");
// Encrypt
byte[] nonce = new byte[16]; // Initialization vector
byte[] encrypted = CryptUtil.encrypt(senderKey, receiverPublicKey, nonce, plaindata);
// Decrypt
byte[] decrypted = CryptUtil.decrypt(receiverKey, senderKey.getPublicKey(), nonce, encrypted);Digital Envelope Technique
Combines symmetric (AES) and asymmetric (ECC) encryption:
- Encrypt data with AES using a random key.
- Encrypt the AES key with the recipient's ECC public key.
- Transmit both the encrypted key and data.
👉 Learn more about hybrid encryption
Example
// Generate AES key
byte[] aesKey = new byte[16];
// Encrypt data with AES
byte[] encryptedData = CryptUtil.aesEncryptWithNOIV(aesKey, plaindata);
// Encrypt AES key with ECC
byte[] encryptedKey = ECCUtil.publicEncrypt(aesKey, receiverPublicKey.getECPublicKey());
// Decrypt
byte[] decryptedKey = ECCUtil.privateDecrypt(encryptedKey, receiverKey.getECPrivateKey());
byte[] decryptedData = CryptUtil.aesDecryptWithNOIV(decryptedKey, encryptedData);FAQ Section
1. What’s the advantage of ECC+AES hybrid encryption?
ECC provides secure key exchange while AES enables faster bulk data encryption. The combination ensures both security and performance.
2. How secure is the nonce (IV) in AES?
For maximum security, generate a unique nonce per session. Static nonces weaken encryption.
3. Can I use this library for non-EOS blockchains?
While optimized for EOS, the core ECC/AES logic is blockchain-agnostic.
4. What JDK versions are supported?
JDK 1.5 and later. For modern security standards, JDK 11+ is recommended.
Conclusion
This guide demonstrates secure encryption workflows using eos-crypto-java. Always:
- Use cryptographically strong keys
- Rotate keys/nonces regularly
- Validate decrypted data integrity