cothority icon indicating copy to clipboard operation
cothority copied to clipboard

Published 20 hours ago verified publisher icon dedis

Twisted Edwards Curve / Montgomery

Open ineiti opened this issue 5 years ago • 0 comments

The current kyber ed25519 implementations seem to both use Twisted Edwards Curve, as proposed in the RFC8032:

  • curve25519 is the variable-time, fast implementation - not used
  • ed25519 is the constant-time, slower implementation - used in cothority

Unfortunately the popular BouncyCastle library uses Montgomery representation, as described in the RFC7748, but BouncyCastle doesn't support Twisted Edwards Curve representation.

So, we either:

  • implement Twisted Edwards Curve in BouncyCastle or
  • implement a Montgomery (RFC7748?) compatible curve25519 for dedis/kyber

Things to verify:

  • Twisted Edwards Curve and Montgomery definitions in RFCs
  • Compatibility of kyber/ed25519 with RFC8032
  • Availability of Montgomery implementation in golang
  • Why does golang use Twisted Edwards Curve representation per default?

ineiti avatar May 07 '19 09:05 ineiti