Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
I
ietf-eddsa
Project overview
Project overview
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Simon Josefsson
ietf-eddsa
Commits
ca70220f
Commit
ca70220f
authored
Feb 16, 2015
by
Simon Josefsson
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
fix
parent
deab3f68
Changes
2
Expand all
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
111 additions
and
52 deletions
+111
-52
draft-josefsson-eddsa-ed25519.txt
draft-josefsson-eddsa-ed25519.txt
+102
-46
draft-josefsson-eddsa-ed25519.xml
draft-josefsson-eddsa-ed25519.xml
+9
-6
No files found.
draft-josefsson-eddsa-ed25519.txt
View file @
ca70220f
This diff is collapsed.
Click to expand it.
draft-josefsson-eddsa-ed25519.xml
View file @
ca70220f
...
...
@@ -67,12 +67,15 @@
<t>
Does not require the use of a unique random number for each
signature.
</t>
<t>
Collision resilience, meaning that hash-function collisions
do not break this system.
</t>
<t>
More resilient to side-channel attacks.
</t>
<t>
Small public keys (32 bytes) and signatures (64 bytes).
</t>
<t>
The formulas are "strongly unified", i.e., they are valid
for all points on the curve, with no exceptions.
</t>
<t>
Collision resilience, meaning that hash-function collisions
do not break this system.
</t>
</list></t>
<t>
For further background, see the original
<xref
...
...
@@ -88,7 +91,7 @@
<t>
x^y x multiplied by itself y times
</t>
<t>
h_i the i'th b
yte
of h
</t>
<t>
h_i the i'th b
it
of h
</t>
<t>
a || b (bit-)string a concatenated with (bit-)string b
</t>
...
...
@@ -100,8 +103,8 @@
<t>
-x^2 + y^2 = 1 + d x^2 y^2
</t>
<t>
It is required that q = 1 modulo 4 (which implies that -1
is
a square modulo q) and that d is a non-square modulo q. For
<t>
It is required that q = 1 modulo 4 (which implies that -1 is
a square modulo q) and that d is a non-square modulo q. For
Ed25519, the curve used is equivalent to curve25519, under a
change of coordinates, which means that the difficulty of the
discrete logarithm problem is the same as for curve25519.
</t>
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment