Guy K. Kloss
gk at mega.co.nz
Mon Jun 2 20:26:20 PDT 2014
for our web application, we're using 25519-based EC crypto.
Unfortunately, it's a bit of a "wild" field, where no commonly accepted
and scrutinised implementations have crystallised out, yet.
We were originally using Michele Bini's code for Curve25519 ECDH and Ron
Garret's code for Ed25519 EdDSA signing. Unfortunately both codes were
quite messy, and Ron's was depending on an old/outdated version of
Michele's code. So, with their help, we've united the two under a single
project, which keeps the name spaces nice and tidy, as well as provides
some unit tests, also checking against NaCl's and DJB's test vectors for
It would be awesome, if people with an interest in this matter on the
use, ... whatever. Anything is appreciated. Well ... maybe not rants on
It's probably a good idea to aggregate more eye balls on this, than
people using all kinds of different or home brew versions of this.
Especially as Michele and Ron (the original authors of the code base)
are on board with this, too.
"elliptic" now also features Curve 25519 crypto (since a few days only):
However, I couldn't find any way to use that API simply yet for direct
scalar multiplication, as needed for determining a group key via some
kind of group Diffie-Hellman (or even triple DH). I've opened an issue
on it, so let's see what comes back:
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 819 bytes
Desc: OpenPGP digital signature
More information about the Curves