Alan Braggins alan.braggins at gmail.com
Fri Sep 20 11:07:58 EDT 2013

On 20/09/13 13:22, Dominik Schürmann wrote:
> I am wondering if it is okay to use the same asymmetric ECC key for
> ECDSA and ECIES. Given that the signing and encryption algorithms are
> not related like in RSA, I assume it is okay to use the same key for
> both operations.
> Are there any things I need to pay attention to when combining both
> schemes using the same keys? Can Bob decrypt messages by forcing Alice to
> sign messages? (as in naive RSA implementations).

Even if it's technically secure (and I suspect it isn't), in some
legislations you can be compelled to hand over a decryption key,
or a dual use key, but not a signature _only_ key.
http://www.legislation.gov.uk/ukpga/2000/23/section/49/enacted (9)

So at least in some use cases, it's better to keep the signature key
as a signature only key.

