ElGamal Encryption & Decryption

Public-Key Asymmetric Discrete Log
Anish Nath
Key Generation
160-bit EC-ElGamal ≈ 1024-bit RSA security
Encrypt / Decrypt
Keys loaded (click to expand)
Result
Result will appear here
Security Note:

All cryptographic operations are performed server-side. For production use, generate keys locally and never transmit private keys over the network.

ElGamal Parameter Guide
Parameter Description Recommendation
160-bit EC-ElGamal key size Good for testing
320-bit Larger EC-ElGamal key Better security
PKCS1 Standard padding mode Recommended
NoPadding No padding applied Use with caution
Related Cryptography Tools
RSA Encrypt/Decrypt

RSA encryption with various padding modes
RSA Sign/Verify

RSA digital signature operations
EC Encrypt/Decrypt

Elliptic curve encryption operations
EC Sign/Verify

Elliptic curve digital signatures
DSA Keygen/Sign/Verify

Digital Signature Algorithm operations
Diffie-Hellman

DH key exchange operations
NTRU Lattice Crypto

Post-quantum lattice cryptography
AES/DES Encryption

Symmetric block cipher operations
PEM Parser

Parse and decode PEM keys
SSH-Keygen

Generate SSH key pairs
Understanding ElGamal Encryption
What is ElGamal Encryption?

ElGamal is an asymmetric key encryption algorithm based on the Diffie-Hellman key exchange, developed by Taher Elgamal in 1985. It provides semantic security, meaning that encrypting the same message twice produces different ciphertexts, making it resistant to chosen-plaintext attacks.

How ElGamal Works
Key Generation
  1. Choose large prime p and generator g
  2. Select random private key x
  3. Compute public key y = gx mod p
Encryption
  1. Choose random k
  2. Compute c1 = gk mod p
  3. Compute c2 = m * yk mod p
Decryption
  1. Compute shared secret s = c1x
  2. Compute m = c2 * s-1 mod p
  3. Recover original message m
ElGamal vs Other Asymmetric Algorithms
Algorithm Security Basis Ciphertext Size Semantic Security Performance
ElGamal Discrete Logarithm 2x plaintext Yes Moderate
RSA Integer Factorization = key size With OAEP Fast
ECC Elliptic Curve DLP Smaller keys Yes Very Fast
Code Examples

Java (Bouncy Castle)

Security.addProvider(new BouncyCastleProvider());
KeyPairGenerator kpg = KeyPairGenerator.getInstance("ElGamal", "BC");
kpg.initialize(1024);
KeyPair kp = kpg.generateKeyPair();

Cipher cipher = Cipher.getInstance("ElGamal/None/NoPadding", "BC");
cipher.init(Cipher.ENCRYPT_MODE, kp.getPublic());
byte[] ciphertext = cipher.doFinal(plaintext);

Python (PyCryptodome)

from Crypto.PublicKey import ElGamal
from Crypto.Random import get_random_bytes

# Generate key pair
key = ElGamal.generate(2048, get_random_bytes)
public_key = key.publickey()

# ElGamal is typically used with hybrid encryption
# combining with symmetric ciphers like AES
Use Cases and Best Practices
  • Hybrid Encryption: Use ElGamal to encrypt symmetric keys (AES), then encrypt the actual data with AES. This combines ElGamal's security with AES's speed.
  • Digital Signatures: ElGamal can be adapted for digital signatures (ElGamal signature scheme), though DSA (derived from ElGamal) is more commonly used.
  • Key Exchange: ElGamal is closely related to Diffie-Hellman and can be used for secure key exchange protocols.
  • Key Size: For standard ElGamal, use at least 2048-bit keys. For EC-ElGamal, 256-bit curves provide equivalent security.

Support This Free Tool

Every coffee helps keep the servers running. Every book sale funds the next tool I'm dreaming up. You're not just supporting a site — you're helping me build what developers actually need.

500K+ users
200+ tools
100% private
One-time support Buy me a coffee 📚 Learn & support 9-Book Bundle - $9 Stay updated Follow @anish2good
Privacy Guarantee: Private keys you enter or generate are never stored on our servers. All tools are served over HTTPS.
Quick Access