About Virgil Security

Virgil Keys Services, Keys API and Crypto Library make up the Virgil Security Stack
Add Security In Minutes

IP Messaging with Virgil Security℠

IP Messaging Diagram

ECIES Encryption Functional Diagram

ECIES Encryption Diagram

ECIES Decryption Functional Diagram

ECIES Decryption Diagram

Ephemeral Key Pair Generation

Input parameters:

  • Random number generation function - NIST SP 800-901: CTR_DRBG (Counter-mode block-cipher-based Deterministic Random Bit Generator). The underlying algorithm used is AES-256 in counter mode.
  • Random number generation function “Personalization String” parameter - module id string (see section 8.7.1 of NIST Special Publication 800-90A).
  • Entropy function - on linux:/dev/urandom and on Windows: CryptGenRandom(), with high resolution timer (rdtsc) and HAVEGE.
  • Some high level languages do not support strong random number generation due to absence of hardware instructions.

Key Agreement

Key Agreement – function used for the generation of a shared secret by two parties. ARM mbed TLS is used.

Key Derivation Function

Key Derivation function – mechanism produces a set of keys from keying material and some optional parameters.

Virgil implementation of KDF1 described in ISO-18033-2 Clause 6.2.2 is used. Underlying hash function is SHA-384.

Symmetric Encryption Algorithm

ARM mbed TLS implementation of AES256-GCM mode is used.

Message Authentication Code

Message Authentication Code – data used in order to authenticate messages.

ARM mbed TLS implementation of HMAC-SHA384.