
I can't understand the ECIES algorithm.

I saw two different ECIES algorithms:

  1. Using only Public key

    Key generation:

    $A_{pri} : n_A$
    $A_{pub} : n_A G$

    $B_{pri} : n_B$
    $B_{pub} : n_B G$

    Encryption:

    Select a random $k$.

    A -> B to Cipher C : $\{kG, \text{message} + k B_{pub}\}$

    Decryption:

    $\text{message} + k B_{pub} - n_B kG = \text{message} + k n_B G - n_B k G = \text{message}$

  2. Using Symmetric key (AES)

What is real?

CodesInChaos
pftpmlp

1 Answer

Yes, ECIES is essentially a more practical implementation of ElGamal, a hybrid cryptosystem. It uses symmetric encryption following an ephemeral key exchange.

Refer to: https://en.wikipedia.org/wiki/Integrated_Encryption_Scheme

Compare it with: https://en.wikipedia.org/wiki/ElGamal_encryption

The only difference is that instead of using KDF+XOR or AES+GCM as the symmetric cipher, ElGamal specifies a different symmetric step mapping the message to a point and using inverse modulo to recover.

One of the oddities is that using a KDF and then using XOR was the most popular version of ECIES for a number of years. If used carefully, it's OK, but without properly padding the message, things can get ugly (chosen ciphertext attacks, etc.).

Ditching XOR and using AES/GCM with the shared secret seems, to me, like the better move, shifting responsibility for the authentication onto the symmetric layer. The use of KDF/XOR is still prevalent in modern libraries, mostly because some XOR variants were FIPS certified.

Erik Aronesty
  • Please explain, or at least quote, the substantive parts of the links you cite. Links may change and don't help a reader on this site. – Squeamish Ossifrage Jul 17 '18 at 21:51
  • ECIES is not an instance of or implementation of Elgamal encryption. Elgamal encryption encrypts a point on the curve; ECIES encrypts a bit string under a symmetric-key cipher with a key derived from a public-key key agreement. They are not related except in that they use a group in which discrete logs are hard. – Squeamish Ossifrage Jul 17 '18 at 21:53
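
Added example (not part of the original thread, and not the code of any library it mentions): a pure-Python sketch of the hybrid flow discussed in the answer, with an ephemeral key exchange, then a KDF, then XOR encryption with an HMAC tag over the ciphertext. The curve (secp256k1), the counter-mode SHA-256 KDF and every function name are assumptions chosen for illustration; the arithmetic is textbook and not constant-time.

```python
import hashlib, hmac, secrets

# secp256k1 domain parameters (curve y^2 = x^3 + 7); the curve choice is an assumption
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(p1, p2):  # affine point addition; None stands for the point at infinity
    if p1 is None: return p2
    if p2 is None: return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        s = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        s = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (s * s - x1 - x2) % P
    return x3, (s * (x1 - x3) - y1) % P

def mul(k, pt):  # double-and-add scalar multiplication k * pt
    acc = None
    while k:
        if k & 1: acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def kdf(shared, length):  # hypothetical simplified KDF: SHA-256(x || counter)
    z = shared[0].to_bytes(32, "big")
    blocks = (hashlib.sha256(z + i.to_bytes(4, "big")).digest()
              for i in range(1, length // 32 + 2))
    return b"".join(blocks)[:length]

def encrypt(b_pub, msg):
    k = secrets.randbelow(N - 1) + 1            # fresh ephemeral scalar per message
    keys = kdf(mul(k, b_pub), len(msg) + 32)    # keystream + MAC key from k * B_pub
    ct = bytes(m ^ s for m, s in zip(msg, keys))
    tag = hmac.new(keys[len(msg):], ct, hashlib.sha256).digest()
    return mul(k, G), ct, tag                   # sender transmits (kG, ct, tag)

def decrypt(n_b, R, ct, tag):
    if R is None or (R[1] ** 2 - R[0] ** 3 - 7) % P:
        raise ValueError("ephemeral point is not on the curve")
    keys = kdf(mul(n_b, R), len(ct) + 32)       # n_B * kG equals k * B_pub
    expect = hmac.new(keys[len(ct):], ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):    # verify the tag before decrypting
        raise ValueError("MAC check failed")
    return bytes(c ^ s for c, s in zip(ct, keys))
```

The recipient rejects both a modified ciphertext and an ephemeral point that is not on the curve before any plaintext is produced.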