ECQV

Security Builder Crypto includes functions for ECQV (Elliptic Curve Qu-Vanstone). ECQV is an implicit certificate scheme based on elliptic curve cryptography (ECC). It is designed to provide non-forgeability of certificates and impersonation-prevention.

Security Builder Crypto provides five ECQV functions. This section explains how those functions map to the phases described in the Using Implicit Certificates section.

Setup and Key Deployment

Standard elliptic curve parameters and key generation functions are used for ECQV setup and key deployment. There are no ECQV-specific functions for these phases of the implicit certificate process.

Certificate Generation

The CA can generate the public key reconstruction data by calling the hu_ECQVPubKeyReconstGen() function. Similarly, the private key reconstruction data can be generated by calling hu_ECQVPriKeyReconstGen().

U can then derive his private key from the private key reconstruction data and the implicit certificate created by the CA by calling the function hu_ECQVPriKeyDerive().

U may validate the private key and the implicit certificate by calling hu_ECQVPriKeyValidate(). This validation is optional.

Certificate Processing

When V receives IC_U, he can derive U’s public key Q_U′ by calling the function hu_ECQVPubKeyConv(). V may now use Q_U′ for communicating securely with U.

Implicit Certificate Issuance

The following diagram demonstrates how the ECQV functions are used to create and issue implicit certificates.

Diagram showing how ECQV functions are used to create and issue implicit certificates.