Ed25519

Ed25519 is a particular implementation of Elliptic Curve Digital Signature Algorithm (ECDSA) on a particular elliptic curve over a particular finite field, uniquely specified for the purpose, and named “Curve25519.”
Or is it “birationally equivalent?” We need a dunce cap category for “elliptic curves” that are actually conic sections plotted by the square roots of their coördinates to appear as trivially reducible quartic curves.
It is described perhaps most definitively on its author’s homepage [2]. It has been extensively studied and reviewed [3]. Schneier [4][5] feels that some of these schemes are overspecified [6], and possibly backdoored by the NSA. For that matter we could just as easily pull a CIA factbook on Tonga, official registrant of the .to top level country code domain.
The figure “25519” refers to the prime number 2²⁵⁵ – 19 =
57896044618658097711785492504343953926634992332820282019728792003956564819949
used as the modulus of the finite field. This particular choice of prime number is not difficult to explain as simply the largest suitable prime number that will not overflow a 256-bit or 8-byte array of memory allocated for the efficient machine implementation of arithmetic which is mentioned in the literature. The properties of the finite field GF(p), however, depend heavily on the prime factorization of . Assuming quartic curves reducible to a degree of two are largely irrelevant, the only difficulty for cracking this scheme of public key encryption is the straight discrete logarithm problem modulo 2²⁵⁵–19.
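The statements above about the modulus can be checked directly. The following Python is an added example, not code from the original page or from the Ed25519 authors: it confirms the decimal expansion quoted above, tests the number with Miller-Rabin (a probable-prime test, not a proof), and searches for the smallest c for which 2²⁵⁵ – c is prime. The function names are hypothetical.

```python
# Added example: sanity checks on the field modulus 2**255 - 19.
# Decimal value copied from the text above.
P_DECIMAL = int(
    "57896044618658097711785492504343953926634992332820282019728792003956564819949"
)

def is_probable_prime(n, bases=(2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)):
    """Miller-Rabin with fixed bases: never rejects a prime, and a
    composite passing all twelve bases is overwhelmingly unlikely."""
    if n < 2:
        return False
    for q in bases:                 # cheap trial division first
        if n % q == 0:
            return n == q
    d, s = n - 1, 0                 # write n - 1 = d * 2**s with d odd
    while d % 2 == 0:
        d //= 2
        s += 1
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False            # a is a witness that n is composite
    return True

def smallest_offset(bits, limit=1000):
    """Smallest c >= 1 such that 2**bits - c is a probable prime."""
    for c in range(1, limit):
        if is_probable_prime((1 << bits) - c):
            return c
    return None

def check_modulus():
    p = (1 << 255) - 19
    return {
        "matches_page_decimal": p == P_DECIMAL,
        "is_probable_prime": is_probable_prime(p),
        "bit_length": p.bit_length(),
        "smallest_offset": smallest_offset(255),
    }

if __name__ == "__main__":
    print(check_modulus())
```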
1. Monero Project: Monero docs: Edwards25519 Elliptic Curve. https://docs.getmonero.org/cryptography/asymmetric/edwards25519/
2. Daniel Bernstein. https://ed25519.cr.yp.to/, last updated 2017.01.22.
3. Jacqueline Brendel, Cas Cremers, Dennis Jackson, and Mang Zhao. “The Provable Security of Ed25519: Theory and Practice.” Cryptology ePrint Archive, vol. 2020, no. 823. https://eprint.iacr.org/2020/823.pdf
4. Bruce Schneier. “Bounty to Recover NIST’s Elliptic Curve Seeds.” Schneier on Security, Oct 12, 2023. https://www.schneier.com/blog/archives/2023/10/bounty-to-recover-nists-elliptic-curve-seeds.html
5. Filippo Valsorda. “Announcing the $12K NIST elliptic curve seeds bounty.” Cryptography Dispatches, Oct 5, 2023. https://words.filippo.io/dispatches/seeds-bounty/
6. A. Langley, M. Hamburg and S. Turner. “Elliptic Curves for Security.” Technical Report RFC 7748, Jan. 2016. https://datatracker.ietf.org/doc/html/rfc7748