Talk:Curve25519

Talk
This is a pre-stub page for Dan Bernstein's Curve25519 ECC-DH algorithm. I'm redirecting to ECC for now; I imagine ECC will at some point contain a section on Curve25519, and eventually it will be moved into its own article, for as a cryptographic algorithm goes, it warrants more than just a footnote in the ECC class of ciphers. Feel free to be bold and write that article.

Bernstein's paper is here:http://cr.yp.to/ecdh/curve25519-20060209.pdf

NoDepositNoReturn (talk) 06:26, 14 June 2008 (UTC)

Quadratic Extension
The article says the curve is defined "over the quadratic extension of the prime field...".

I don't think that's true, I think it's defined over the prime field.

See the original publication: https://cr.yp.to/ecdh/curve25519-20060209.pdf page 4. — Preceding unsigned comment added by 194.95.66.251 (talk) 16:36, 26 February 2019 (UTC)

Bruce Schneier quote
While I have no doubt that Schneier has an issue with other curves, I don't like that this article makes an endorsement of Curve25519 out of that. Is there any quote where he actually suggests it being better than the NSA-parameters?

--Giszmo (talk) 01:01, 18 August 2015 (UTC)

I don't read it like he endorses Curve25519, rather the article tries to document the mention "... but interest increased considerably after 2013..." MaxStrobel (talk) 16:16, 21 November 2015 (UTC)

Patents
It is clear that Bernstein believes this curve to be patent-free, but is this enough to say it here ?

How can we be sure that there are no patents covering it ? or some particular implementation of it ?

The fact that its author is unaware of it doesn't make curve25519 patent free in my opinion. ECC is known to be a mess with regards to patents, and Bernstein doesn't own a law firm as far as I know. — Preceding unsigned comment added by 72.37.140.35 (talk) 12:56, 28 August 2015 (UTC)

Quantum computing
It would be nice to know if anything about the choices in the curve's implementation would protect against attacks designed for quantum computers. DouglasHeld (talk) 02:27, 10 September 2015 (UTC)

GPG support
Yesterday I removed the sentence that said that GPG uses Curve25519 by default. Indeed it does not, but on the other hand it can used starting with release 2.1 if enabled with "--expert" mode and if the fact that OpenPGP didn't yet ratify the packet identifier used by that implementation is OK with the user. So, can be used by anyone determined to use it (and with a very recent GnuPG), but very far from being the default. --Lapo Luchini (talk) 08:35, 19 November 2015 (UTC)

External links modified
Hello fellow Wikipedians,

I have just modified one external link on Curve25519. Please take a moment to review my edit. If you have any questions, or need the bot to ignore the links, or the page altogether, please visit this simple FaQ for additional information. I made the following changes:
 * Added archive https://web.archive.org/web/20150520171756/http://fossies.org/dox/nettle-3.1.1/curve25519_8h.html to http://fossies.org/dox/nettle-3.1.1/curve25519_8h.html

When you have finished reviewing my changes, you may follow the instructions on the template below to fix any issues with the URLs.

Cheers.— InternetArchiveBot  (Report bug) 18:19, 15 August 2017 (UTC)

Plot of the curve
ls.

I created an image depicting this curve:



Please add it to the lemma if you think it's correct and useful.

Kind regards Snaily (talk) 23:14, 23 September 2023 (UTC)