Misplaced Pages

Curve448

Article snapshot taken from Wikipedia with creative commons attribution-sharealike license. Give it a read and then ask your questions in the chat. We can research this topic together.
Elliptic curve used in Internet cryptography

In cryptography, Curve448 or Curve448-Goldilocks is an elliptic curve potentially offering 224 bits of security and designed for use with the elliptic-curve Diffie–Hellman (ECDH) key agreement scheme.

History

Developed by Mike Hamburg of Rambus Cryptography Research, Curve448 allows fast performance compared with other proposed curves with comparable security. The reference implementation is available under an MIT license. The curve was favored by the Internet Research Task Force Crypto Forum Research Group (IRTF CFRG) for inclusion in Transport Layer Security (TLS) standards along with Curve25519.

In 2017, NIST announced that Curve25519 and Curve448 would be added to "Special Publication 800-186", which specifies approved elliptic curves for use by the US Federal Government, and in 2023 it was approved for use in FIPS 186-5. Both are described in RFC 7748. The name X448 is used for the DH function. X448 support was added to OpenSSL in version 1.1.1 (released on 11 September 2018).

Mathematical properties

Hamburg chose the Solinas trinomial prime base p = 2 − 2 − 1, calling it a "Goldilocks" prime "because its form defines the golden ratio φ ≡ 2". The main advantage of a golden-ratio prime is fast Karatsuba multiplication.

The curve Hamburg used is an untwisted Edwards curve Ed: y + x = 1 − 39081xy. The constant d = −39081 was chosen as the smallest absolute value that had the required mathematical properties, thus a nothing-up-my-sleeve number.

Curve448 is constructed such that it avoids many potential implementation pitfalls.

See also

References

  1. Hamburg, Mike (2015). "Ed448-Goldilocks, a new elliptic curve". Cryptology ePrint Archive.
  2. "SourceForge.net: Ed448-Goldilocks". ed448goldilocks.sourceforge.net.
  3. "Transition Plans for Key Establishment Schemes". 31 October 2017. Archived from the original on 11 March 2018. Retrieved 23 February 2018.
  4. Moody, Dustin (2023-02-03). FIPS 186-5: Digital Signature Standard (DSS) (Report). NIST. doi:10.6028/NIST.FIPS.186-5. S2CID 256480883. Retrieved 2023-03-04.
  5. OpenSSL Foundation (2023-09-11). "/news/openssl-1.1.1-notes.html". openssl.org. Retrieved 2024-01-11.
  6. Sasdrich, Pascal; Géneysu, Tim (2017). Cryptography for next generation TLS: Implementing the RFC 7748 elliptic Curve448 cryptosystem in hardware. 2017 54th ACM/EDAC/IEEE Design Automation Conference (DAC). doi:10.1145/3061639.3062222.
  7. "SafeCurves: Introduction". safecurves.cr.yp.to. Retrieved 2018-02-23.
Public-key cryptography
Algorithms
Integer factorization
Discrete logarithm
Lattice/SVP/CVP/LWE/SIS
Others
Theory
Standardization
Topics
Category: