Questions tagged [rfc7748]

This tag should be used for questions that specifically ask about the contents of RFC 7748, Elliptic Curves for Security (January 2016).

RFC 7748 is an informational memo produced by the Internet Research Task Force (IRTF) that specifies the elliptic curves Curve25519 (128-bit security level) and Curve448 (224-bit security level) over prime fields, which offer cryptographic applications a strong level of practical security.

RFC 7748 also describes the X25519 and X448 functions. X25519 can be used in an Elliptic Curve Diffie-Hellman (ECDH) protocol, and X448 can be used in an ECDH protocol.

This RFC also covers side-channel considerations, test vectors, the procedures that were used in generating the curves, important references (normative and informative), and a critique of the security level of each curve.

3 questions

votes

1 answer

Can multiple public keys lead to the same shared secret in X25519?

I have no mathematical knowledge about this, but I just read in RFC 7748 the following: Designers using these curves should be aware that for each public key, there are several publicly computable public keys that are equivalent to it, i.e., they…

elliptic-curves diffie-hellman rfc7748

asked Sep 07 '19 at 20:51

yuzi

votes

2 answers

Difference on montgomery curve equation between EFD and RFC7748

There is a subtle difference between the 2 implementations for a Montgomery curve defined from the 2 following links https://hyperelliptic.org/EFD/g1p/auto-montgom-xz.html A = X2+Z2 AA = A^2 B = X2-Z2 BB = B^2 E =…

elliptic-curves x25519 rfc7748

asked Mar 11 '19 at 17:35

Pierre

votes

2 answers

Ed448 parameters wrong in RFC7748

When implementing and testing my own EdDSA program I found out that the old RFC7748 gives wrong parameters for Ed448/Edwards448. There is currently a new Draft were this is…

eddsa ed448 rfc7748

asked Aug 20 '22 at 10:57

Habor