AGL's implementation of Ed25519 is awesome, and I'd love to see it in
go.crypto. One caveat, though, is that while the Ed25519 curve itself and
most of the Ed25519 code is in principle usable in a wide variety of
public-key crypto algorithms and protocols, the current ed25519 package is
completely specific to just one public-key signature scheme. If ed25519 is
included in go.crypto as-is, it will already embody some functional overlap
with the existing curve25519 package (which implements a different
representation of the same basic curve). Continuing this approach will
invite further functional duplication down the road if/when other
curve25519-based public-key algorithms get incorporated into go.crypto, as
seems likely. The different and separately-optimized curve representations
may justify keeping curve25519 and ed25519 separate, but it would be nice
to avoid a new copy of the curve25519 or ed25519 code for every new
public-key algorithm that uses either of these curve representations.

In our group's work-in-progress advanced crypto library, one thing we've
done is generalize AGL's ed25519 implementation to be more general and
usable in arbitrary public-key crypto algorithms; for example we're using
it for general zero-knowledge proofs, verifiable shuffles, etc. The
generalized ed25519 code is here: http://godoc.org/github.com/DeDiS/crypto/edwards/ed25519
...and the abstract elliptic-curve-arithmetic interfaces it implements are

In this framework, for example, either Ed25519 or the NIST curves already
supported in the Go standard library can be used interchangeably in
public-key algorithms that no longer need to know or care exactly which
curve they're using.

Incorporating a general framework like this of course would be a bigger
deal than just incorporating ed25519 for digital signing support, and I'm
not proposing that it needs to or should be done right now; I would just
prefer to see something like this happen at some point rather than to see a
gradually increasing proliferation of algorithm-specific variants of the
same underlying elliptic curves appearing in the go.crypto library.
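
An added illustration of the curve-agnostic style the message argues for (not part of the original message and not code from the DeDiS library): a Schnorr signature written only against the standard library's `crypto/elliptic` `Curve` interface, so the same `Sign` and `Verify` run unchanged on any curve that implements it. The names `Sign`, `Verify` and `challenge` are hypothetical, and the standard interface stands in for the abstract one described above; it covers the NIST curves, not Ed25519.

```go
package main

import (
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"math/big"
)

// challenge hashes (R, msg) to a scalar; SHA-256 for every curve is a simplification.
func challenge(c elliptic.Curve, rx, ry *big.Int, msg []byte) *big.Int {
	h := sha256.Sum256(append(elliptic.Marshal(c, rx, ry), msg...))
	return new(big.Int).Mod(new(big.Int).SetBytes(h[:]), c.Params().N)
}

// Sign returns a Schnorr signature (e, s): R = kG, e = H(R||msg), s = k + e*x mod N.
func Sign(c elliptic.Curve, x *big.Int, msg []byte) (e, s *big.Int, err error) {
	k, rx, ry, err := elliptic.GenerateKey(c, rand.Reader) // fresh nonce k and R = kG
	if err != nil {
		return nil, nil, err
	}
	e = challenge(c, rx, ry, msg)
	s = new(big.Int).Mul(e, x)
	s.Add(s, new(big.Int).SetBytes(k))
	return e, s.Mod(s, c.Params().N), nil
}

// Verify recomputes R' = sG - eP and accepts when H(R'||msg) == e.
func Verify(c elliptic.Curve, px, py *big.Int, msg []byte, e, s *big.Int) bool {
	n := c.Params().N
	if e.Sign() <= 0 || s.Sign() <= 0 || e.Cmp(n) >= 0 || s.Cmp(n) >= 0 || !c.IsOnCurve(px, py) {
		return false // reject out-of-range scalars and off-curve public keys
	}
	sx, sy := c.ScalarBaseMult(s.Bytes())
	ex, ey := c.ScalarMult(px, py, new(big.Int).Sub(n, e).Bytes()) // (-e)P
	rx, ry := c.Add(sx, sy, ex, ey)
	return challenge(c, rx, ry, msg).Cmp(e) == 0
}

func main() {
	c, msg := elliptic.P384(), []byte("hello") // any elliptic.Curve works here
	x, px, py, err := elliptic.GenerateKey(c, rand.Reader)
	if err != nil {
		panic(err)
	}
	e, s, err := Sign(c, new(big.Int).SetBytes(x), msg)
	fmt.Println(c.Params().Name, err == nil && Verify(c, px, py, msg, e, s))
}
```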