[curves] General Curve25519 and Ed25519 Libraries

Michael Scott mike.scott at certivox.com
Tue Jun 30 00:42:56 PDT 2015 

Probably a little late responding to this, but we have a new Crypto Library

https://github.com/CertiVox/MiotCL.git

There is a PDF in there which describes it in detail.

- Its multi-lingual (C, Java, JavaScript, + C# via translation tools, and
coming soon - Swift)
- Its portable (no assembly). So not the fastest.
- Its targeted at the Internet of Things
- It only supports security at the AES-128 - bit level, that is 256 bit (or
slightly less) elliptic curves.
- Built in support for NIST, Brainpool, 25519 and NUMS curves, plus BN
curves for pairings
- Side channel attack resistance baked in
- Legacy support for RSA
- AES+ standard modes. AES-GCM. SHA256

Probably the only controversial aspect is the restriction to 128-bit
security. Best justification for this comes from Miele & Lenstra

http://csrc.nist.gov/groups/ST/ecc-workshop-2015/papers/session1-miele-paper.pdf

who  point out that 256-bit security was introduced as a response to the
possibility of a quantum computer (in which case elliptic curves are toast
anyway), and that 192 bit security was suggested for the profound
scientific reason that 192=(128+256)/2 (that last from Brian Snow of the
NSA, who should know)

Feedback welcome (particularly on what aspects to concentrate on to enhance
side-channel resistance)

-- 
Michael Scott
Chief Cryptographer
CertiVox Ltd
Tel (353) 86 3888746

"Those who give up essential security to purchase a slightly better user
experience, deserve to get hacked."


On Wed, Jun 17, 2015 at 10:16 PM, Frank Wang <frankw at mit.edu> wrote:

> Hi,
>
> I am working on a research project at MIT, and I need to use elliptic
> curves (or a group where DDH is hard, but elliptic curves seem like the
> best way to go) to implement a cryptographic scheme. I've been trying to
> search for general Curve25519 and Ed25519 libraries where I can just do add
> and scalar multiply as well as hash messages to points. The best library
> I've come across so far is tweetnacl, which has the add and scalar multiply
> operation for Ed25519, but it's a bit difficult to use, and I end up
> modifying the library to do subtraction of points.
>
> I have yet to find a good library that allows me to just do operations on
> Ed25519 or Curve25519. Does such a library exist? If not, any tips on what
> I should do? Should I just use another curve library that is better
> supported? If so, any suggestions?
>
> Thanks,
> Frank
>
> _______________________________________________
> Curves mailing list
> Curves at moderncrypto.org
> https://moderncrypto.org/mailman/listinfo/curves
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/curves/attachments/20150630/4e3b36c0/attachment.html>

More information about the Curves mailing list