D. J. Bernstein
Fast arithmetic


nistp224 performs compressed Diffie-Hellman key exchange on the NIST P-224 elliptic curve at record-setting speeds. It includes an easy-to-use C library and a command-line tool.

With nistp224, sharing secrets is a snap. Alice creates a random 28-byte SECRET.alice file and runs

     cat SECRET.alice PUBLIC.base | nistp224 > PUBLIC.alice
to create her 28-byte public key PUBLIC.alice. Bob creates his 28-byte public key PUBLIC.bob the same way. Now Alice can run
     cat SECRET.alice PUBLIC.bob | nistp224
and Bob can run
     cat SECRET.bob PUBLIC.alice | nistp224
to produce the same output, a 28-byte secret shared by Alice and Bob. Alice and Bob can use this shared secret as a key to authenticate and encrypt their messages. It seems to be extremely difficult for an eavesdropper to figure out the shared secret given PUBLIC.alice and PUBLIC.bob.

nistp224 also supports uncompressed Diffie-Hellman key exchange on the same curve, with 56-byte public keys, at slightly higher speeds.