Ed25519
Ed25519 is a particular implementation of Elliptic Curve Digital Signature Algorithm (ECDSA) on a particular elliptic curve over a particular finite field, uniquely specified for the purpose, and named “Curve25519.”
Or is it “birationally equivalent?”
It is described perhaps most definitively on its author’s homepage [1]. It has been extensively studied and reviewed [2]. Schneier [3][4] feels that some of these schemes are overspecified [5], and possibly backdoored by the NSA. For that matter we could just as easily pull a CIA factbook on the Tonga, official registrant of the .to top level country code domain.
The figure 25519 refers to the prime number 2255 – 19 =
57896044618658097711785492504343953926634992332820282019728792003956564819949
used as the modulus of the finite field.
- ↑ Daniel Bernstein. https://ed25519.cr.yp.to/, last updated 2017.01.22.
- ↑ Jacqueline Brendel, Cas Cremers, Dennis Jackson, and Mang Zhao. “The Provable Security of Ed25519: Theory and Practice.” Cryptology ePrint Archive, vol. 2020, no. 823. https://eprint.iacr.org/2020/823.pdf
- ↑ Bruce Schneier. “Bounty to Recover NIST’s Elliptic Curve Seeds.” Schneier on Security, Oct 12, 2023. https://www.schneier.com/blog/archives/2023/10/bounty-to-recover-nists-elliptic-curve-seeds.html
- ↑ Filippo Valsorda. “Announcing the $12K NIST elliptic curve seeds bounty.” Cryptography Dispatches, Oct 5, 2023. https://words.filippo.io/dispatches/seeds-bounty/
- ↑ A. Langley, M. Hamburg and S. Turner. “Elliptic Curves for Security.” Technical Report RFC 7748, Jan. 2016. https://datatracker.ietf.org/doc/html/rfc7748
