|This article relies too much on references to primary sources. (March 2014) (Learn how and when to remove this template message)|
In public-key cryptography, Edwards-curve Digital Signature Algorithm (EdDSA) is a digital signature scheme using a variant of Schnorr signature based on Twisted Edwards curves. It is designed to be faster than existing digital signature schemes without sacrificing security. It was developed by a team including Daniel J. Bernstein, Niels Duif, Tanja Lange, Peter Schwabe, and Bo-Yin Yang. The reference implementation is public domain software.
Ed25519 is the reference implementation of EdDSA using the Twisted Edwards curve:
The Bernstein team has optimized Ed25519 for the x86-64 Nehalem/Westmere processor family. Verification can be performed in batches of 64 signatures for even greater throughput. Ed25519 is intended to provide attack resistance comparable to quality 128-bit symmetric ciphers. Public keys are 256 bits in length and signatures are twice that size.
As security features, Ed25519 does not use branch operations and array indexing steps that depend on secret data, so as to defeat many side channel attacks.
Like other digital signature algorithms, EdDSA requires a secret value, or nonce, unique to each signature. However EdDSA calculates this nonce deterministically, as the hash of the secret key and the message, rather than using a randomly generated number. This reduces the risk of a random number generator attack, but does not completely eliminate it, since high quality random numbers are still needed for key generation.
- A slow but concise alternate implementation, does not include side-channel attack protection (Python)
- I2Pd has its own implementation of EdDSA
- Bernstein, Daniel J.; Duif, Niels; Lange, Tanja; Schwabe, Peter; Bo-Yin Yang (2012). "High-speed high-security signatures" (PDF). Journal of Cryptographic Engineering. 2 (2): 77–89. doi:10.1007/s13389-012-0027-1.
- "Software". 2015-06-11. Retrieved 2016-10-07.
The Ed25519 software is in the public domain.
- Bernstein, Daniel J.; Lange, Tanja (2007). Kurosawa, Kaoru, ed. Faster addition and doubling on elliptic curves. Advances in cryptology—ASIACRYPT. Lecture Notes in Computer Science. Berlin: Springer. pp. 29–50. doi:10.1007/978-3-540-76900-2_3. ISBN 978-3-540-76899-9. MR 2565722.
- "Changes since OpenSSH 6.4". 2014-01-03. Retrieved 2016-10-07.
- "What's new in GnuPG 2.1". 2016-07-14. Retrieved 2016-10-07.
- "Things that use Ed25519". 2016-10-06. Retrieved 2016-10-07.
- "eBACS: ECRYPT Benchmarking of Cryptographic Systems: SUPERCOP". 2016-09-10. Retrieved 2016-10-07.
- "python/ed25519.py: the main subroutines". 2011-07-06. Retrieved 2016-10-07.
- "Software: Alternate implementations". 2015-06-11. Retrieved 2016-10-07.
- "wolfSSL Embedded SSL Library (formerly CyaSSL)". Retrieved 2016-10-07.
- Frank Denis (2016-06-29). "libsodium/ChangeLog". Retrieved 2016-10-07.
- "Heuristic Algorithms and Distributed Computing" (PDF) (in Russian). 2015. pp. 55–56. ISSN 2311-8563. Retrieved 2016-10-07.
- Frank Denis. "Minisign: A dead simple tool to sign files and verify signatures.". Retrieved 2016-10-07.
- minisign-misc on GitHub