crypto.createECDH() Method in Node.js

The crypto.createECDH() method creates an Elliptic Curve Diffie-Hellman (ECDH) key exchange object using a predefined curve. ECDH is a cryptographic protocol that allows two parties to establish a shared secret over an insecure channel.

Syntax

crypto.createECDH(curveName)

Parameters

• curveName - A string specifying the predefined elliptic curve to use. You can get available curves using crypto.getCurves().

Return Value

Returns an ECDH object that can generate key pairs and compute shared secrets.

Example 1: Basic ECDH Key Generation

// Import the crypto module
const crypto = require('crypto');

// Create ECDH object using secp521r1 curve
const ecdh = crypto.createECDH('secp521r1');

// Generate key pair and display the public key
const publicKey = ecdh.generateKeys();
console.log('Generated Public Key:');
console.log(publicKey);

Generated Public Key:
<Buffer 04 00 be c4 3b eb cc ea 33 84 31 b0 7d 8b 9f e6 5b e0 6e 3a 40 21 49 f0 20 9f 92 33 cf 32 d7 a7 f1 df 90 82 9b fe 8f 7b 98 5b 7d 1a ee c6 ae b1 bd 1a ... >

Example 2: Getting Public and Private Keys

// Import the crypto module
const crypto = require('crypto');

// Create ECDH object and generate keys
const ecdh = crypto.createECDH('secp521r1');
ecdh.generateKeys();

// Get public and private keys separately
console.log('Public Key:');
console.log(ecdh.getPublicKey());

console.log('\nPrivate Key:');
console.log(ecdh.getPrivateKey());

Public Key:
<Buffer 04 01 10 f7 fb d9 d7 f9 70 ba 6e 59 42 77 b6 1b 28 21 f1 3f ac 43 28 72 c6 33 b5 89 d3 77 6e 5a ea 8a 8a a1 27 a7 ab f1 b1 ea 41 ac dc c5 09 83 01 48 ... >

Private Key:
<Buffer 01 d8 c4 d9 df 5c c8 54 e2 1f 82 94 ba 9c cd bc 88 3a e5 88 aa bd c8 2b 5c e9 f4 59 81 0b ae 18 f4 bf 21 43 56 74 55 d8 1d e6 b8 5f d8 e7 e2 52 ad 03 ... >

Example 3: Complete ECDH Key Exchange

const crypto = require('crypto');

// Create two ECDH instances (Alice and Bob)
const alice = crypto.createECDH('secp256k1');
const bob = crypto.createECDH('secp256k1');

// Generate key pairs
const alicePublicKey = alice.generateKeys();
const bobPublicKey = bob.generateKeys();

// Compute shared secrets
const aliceSharedSecret = alice.computeSecret(bobPublicKey);
const bobSharedSecret = bob.computeSecret(alicePublicKey);

console.log('Alice shared secret:', aliceSharedSecret.toString('hex'));
console.log('Bob shared secret:', bobSharedSecret.toString('hex'));
console.log('Secrets match:', aliceSharedSecret.equals(bobSharedSecret));

Alice shared secret: 8f2a3b4c5d6e7f8a9b0c1d2e3f4a5b6c7d8e9f0a1b2c3d4e5f6a7b8c9d0e1f2a
Bob shared secret: 8f2a3b4c5d6e7f8a9b0c1d2e3f4a5b6c7d8e9f0a1b2c3d4e5f6a7b8c9d0e1f2a
Secrets match: true

Common Curve Names

Popular elliptic curves include:

• secp256k1 - Used by Bitcoin
• secp384r1 - NIST P-384
• secp521r1 - NIST P-521 (highest security)
• prime256v1 - NIST P-256

Conclusion

The crypto.createECDH() method enables secure key exchange using elliptic curve cryptography. It's essential for establishing shared secrets between parties without transmitting the secret itself over the network.