Add ed448 #1121

mikelodder7

This adds the Ed448-Goldilocks curve and signing implementation from the latest commit at Mikelodder7/Ed448-Goldilocks.

// The original file was a part of curve25519-dalek.
// Copyright (c) 2016-2019 Isis Lovecruft, Henry de Valence
// Copyright (c) 2020 Kevaundray Wedderburn
// See LICENSE for licensing information.
Member

Let's add a reference to the actual license file from curve25519-dalek

@dignifiedquire
Member

@tarcieri @mikelodder7 I am not seeing much in terms of test vectors or the likes, do you happen to know where to find some?

@dignifiedquire
Member

working on a pr to update to the current set of rustcrypto deps

@mikelodder7
Author

> @tarcieri @mikelodder7 I am not seeing much in terms of test vectors or the likes, do you happen to know where to find some?

Here's the Ed448 test vectors

https://github.com/RustCrypto/elliptic-curves/pull/1121/files#diff-16bd59631ab39d33a42cd634a7603565919c4243d9d2b21b3d975d194457f22bR351

@dignifiedquire
Member

created mikelodder7#1

@mikelodder7
Author

> created mikelodder7#1

👀

@dkg

dkg commented Mar 4, 2025

what's the status on this? It would be great to see ed448 under the RustCrypto umbrella.

@tarcieri tarcieri self-requested a review March 4, 2025 22:46
@tarcieri
Member

@dkg waiting on @mikelodder7 to rebase and get the tests passing

Signed-off-by: Michael Lodder <mike@litprotocol.com>
@stackinspector

There's a little something about my previous contribution that I feel the need to renegotiate before the code gets into a serious place like RustCrypto.
The hex_to_field (example) in test cases, which I originally implemented with macro_rules, passes a string literal as a macro argument to hex-literal::hex!. But the maintainer of the original repository preferred hex_to_field as a function. But the problem is that hex-literal::hex! can only accept string literals, and the function hex-literal::decode, which can accept &'static str directly, is an internal API; even though we can do the checks that should be done, the API is theoretically unstable! Some of the other drawbacks I explained in the comment at the time. In the end the function version was merged, but I still prefer to switch back to the macro_rules implementation and pass literals.

homepage = "https://docs.rs/ed448-goldilocks/"
keywords = ["cryptography", "decaf", "ed448", "ed448-goldilocks"]
license = "BSD-3-Clause"
name = "ed448"
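Review bot: name = "ed448" does not match the rest of this manifest fragment: homepage still points at https://docs.rs/ed448-goldilocks/ and the keywords still list "ed448-goldilocks". Whichever crate name is settled on, update homepage (and any documentation or repository fields outside the visible lines) to agree with it, so the published package does not link to docs under a different name.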
Member

@tarcieri tarcieri Mar 17, 2025

If we keep the name as ed448-goldilocks, it will allow the ed448 name to be used for the signature abstraction crate, which would be consistent with the ed25519 crate

(and that also ensures existing users get updates automatically without having to change to a new name)

Member

@tarcieri tarcieri Mar 17, 2025

Another option for a name is curve448. We could extract the EdDSA implementation/instantiation into ed448 at that point, which would follow how curve25519-dalek/ed25519-dalek are structured.
