I see you are using ECDH shared secret as AES key. This is not advisable because the shared secret could have bias. It needs to pass through HKDF step.
Also, P-256 can only provide 128-bit strength, so that you should be using AES-128, not AES-256.
Thank you! I'll try improving this part as well
Are you sure you want to hide this comment? It will become hidden in your post, but will still be visible via the comment's permalink.
Hide child comments as well
Confirm
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
I see you are using ECDH shared secret as AES key. This is not advisable because the shared secret could have bias. It needs to pass through HKDF step.
Also, P-256 can only provide 128-bit strength, so that you should be using AES-128, not AES-256.
Thank you! I'll try improving this part as well