Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Add a Montgomery representation of Curve25519, called "Curve25519" #533

Open
pierluca opened this issue Jul 15, 2024 · 0 comments
Open

Add a Montgomery representation of Curve25519, called "Curve25519" #533

pierluca opened this issue Jul 15, 2024 · 0 comments
Labels
enhancement help wanted

Comments

@pierluca
Copy link
Contributor

pierluca commented Jul 15, 2024
edited
Loading

As part of #384 and #528, the group/-directory has been cleaned up for the v4 release.

Paraphrasing @ineiti in #384 :

#384 was triggered by a question that came up with ByzGen about our use of Curve25519. This curve can be represented in two different ways:

The two representations are isogenic, which means that you can get from one representation to the other with a change of coordinates.

The two (three) curve25519 implementation in kyber are as follows:

  • Ed25519 in group/ed25519 is either constant-time, or variable-time, Twisted Edwards Curve implementation
  • Variable Ed25519 in group/var_ed25519 is a variable-time, Twisted Edwards Curve implementation

As of 2019, it seems that a consensus is materializing, where Edwards25519 refers to the Twisted Edwards representation, while Curve25519 refers to the Montgomery representation.

➡️ We should add a Montgomery representation of Curve25519 to the repo and call it Curve25519
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
enhancement help wanted
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@pierluca