https://dalw.in/posts/technology/Recent content in Articles on Technology on Al's Thoughts...HugoenMon, 18 May 2026 23:15:32 +0530https://dalw.in/posts/technology/how-to-use-elliptic-curve-diffie-hellman-library-in-go/Mon, 18 May 2026 23:15:32 +0530https://dalw.in/posts/technology/how-to-use-elliptic-curve-diffie-hellman-library-in-go/<p>Go introduced a new library called <a href="https://en.wikipedia.org/wiki/Elliptic-curve_Diffie%E2%80%93Hellman">Elliptic Curve Diffie Hellman</a>(<a href="https://pkg.go.dev/crypto/ecdh">crypto/ecdh</a>) in v1.20.</p> <p>Let&rsquo;s see how to use this library to exchange encrypted data between two entities without sharing the secret that was used to encrypt the data.</p> <h3 id="generate-public-key-on-the-client">Generate public key on the client</h3> <div class="highlight"><pre tabindex="0" style="color:#e6edf3;background-color:#0d1117;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-go" data-lang="go"><span style="display:flex;"><span>clientCurve<span style="color:#6e7681"> </span><span style="color:#ff7b72;font-weight:bold">:=</span><span style="color:#6e7681"> </span>ecdh.<span style="color:#d2a8ff;font-weight:bold">P256</span>()<span style="color:#6e7681"> </span></span></span><span style="display:flex;"><span>clientPrivKey,<span style="color:#6e7681"> </span>err<span style="color:#6e7681"> </span><span style="color:#ff7b72;font-weight:bold">:=</span><span style="color:#6e7681"> </span>clientCurve.<span style="color:#d2a8ff;font-weight:bold">GenerateKey</span>(rand.Reader)<span style="color:#6e7681"> </span></span></span><span style="display:flex;"><span><span style="color:#ff7b72">if</span><span style="color:#6e7681"> </span>err<span style="color:#6e7681"> </span><span style="color:#ff7b72;font-weight:bold">!=</span><span style="color:#6e7681"> </span><span style="color:#79c0ff">nil</span><span style="color:#6e7681"> </span>{<span style="color:#6e7681"> </span></span></span><span style="display:flex;"><span><span style="color:#6e7681"> </span>t.<span style="color:#d2a8ff;font-weight:bold">Fatalf</span>(<span style="color:#a5d6ff">&#34;Error: %v&#34;</span>,<span style="color:#6e7681"> </span>err)<span style="color:#6e7681"> </span></span></span><span style="display:flex;"><span>}<span style="color:#6e7681"> </span></span></span><span style="display:flex;"><span>clientPubKey<span style="color:#6e7681"> </span><span style="color:#ff7b72;font-weight:bold">:=</span><span style="color:#6e7681"> </span>clientPrivKey.<span style="color:#d2a8ff;font-weight:bold">PublicKey</span>()<span style="color:#6e7681"> </span></span></span></code></pre></div><h3 id="generate-public-key-on-the-server">Generate public key on the server</h3> <div class="highlight"><pre tabindex="0" style="color:#e6edf3;background-color:#0d1117;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;"><code class="language-go" data-lang="go"><span style="display:flex;"><span>serverCurve<span style="color:#6e7681"> </span><span style="color:#ff7b72;font-weight:bold">:=</span><span style="color:#6e7681"> </span>ecdh.<span style="color:#d2a8ff;font-weight:bold">P256</span>()<span style="color:#6e7681"> </span></span></span><span style="display:flex;"><span>serverPrivKey,<span style="color:#6e7681"> </span>err<span style="color:#6e7681"> </span><span style="color:#ff7b72;font-weight:bold">:=</span><span style="color:#6e7681"> </span>serverCurve.<span style="color:#d2a8ff;font-weight:bold">GenerateKey</span>(rand.Reader)<span style="color:#6e7681"> </span></span></span><span style="display:flex;"><span><span style="color:#ff7b72">if</span><span style="color:#6e7681"> </span>err<span style="color:#6e7681"> </span><span style="color:#ff7b72;font-weight:bold">!=</span><span style="color:#6e7681"> </span><span style="color:#79c0ff">nil</span><span style="color:#6e7681"> </span>{<span style="color:#6e7681"> </span></span></span><span style="display:flex;"><span><span style="color:#6e7681"> </span>t.<span style="color:#d2a8ff;font-weight:bold">Fatalf</span>(<span style="color:#a5d6ff">&#34;Error: %v&#34;</span>,<span style="color:#6e7681"> </span>err)<span style="color:#6e7681"> </span></span></span><span style="display:flex;"><span>}<span style="color:#6e7681"> </span></span></span><span style="display:flex;"><span>serverPubKey<span style="color:#6e7681"> </span><span style="color:#ff7b72;font-weight:bold">:=</span><span style="color:#6e7681"> </span>serverPrivKey.<span style="color:#d2a8ff;font-weight:bold">PublicKey</span>()<span style="color:#6e7681"> </span></span></span></code></pre></div><p>The <code>clientPubkey</code> and <code>serverPubKey</code> can be shared over the network as plain text.</p>