*** Sagar Acharya [2023-10-15 17:22]: >I don't need signing, just encryption.
Are you aware that "just encryption" is practically useless, if it does not authenticate transmitted data somehow? By MAC, by AEAD, by signature, but with "just encryption" malefactor in many cases can alter your data without you noticing it at all. >I said, what I want to do. Within wireless space, I want to trasmit a packet >with a fixed header and encrypted data packet. Fire up any kind of VPN. IPsec, WireGuard, whatever. They can transparently secure you IP traffic. IPsec (ESPv3) will literally has its own ESP-header that will carry encrypted+authenticated plaintext IP packet. >I saw, ec cryptography is just signing, will not work. No it is not only for signing. At least it is also for key agreement. If you do not trust WiFi/Bluetooth/public-Ethernet security/encryption (that is completely sane and understandable), then just start VPN over that insecure channel. IPsec (ESP with AEAD ciphers (ChaCha20-Poly1305 or hardware accelerated AES-GCM) + IKEv2 with *25519 key agreement algorithm) or WireGuard are the fastest in nearly all cases. If you do not want to set any kind of IP addresses manually (or by SLAAC/DHCP*), then (at least) WireGuard can work over IPv6 link-local addresses without any problems (I do it). -- Sergey Matveev (http://www.stargrave.org/) OpenPGP: 12AD 3268 9C66 0D42 6967 FD75 CB82 0563 2107 AD8A
