[tor-dev] [draft] Proposal 220: Migrate server identity keys to Ed25519
Maxim Kammerer
mk at dee.su
Tue Aug 13 20:25:13 UTC 2013
On Tue, Aug 13, 2013 at 4:13 AM, Nick Mathewson <nickm at torproject.org>wrote:
> Ed25519 (specifically, Ed25519-SHA-512 as described and specified at
> http://ed25519.cr.yp.to/) is a desirable choice here: it's secure,
> fast, has small keys and small signatures, is bulletproof in several
> important ways, and supports fast batch verification. (It isn't quite
> as fast as RSA1024 when it comes to public key operations, since RSA
> gets to take advantage of small exponents when generating public
> keys.)
>
At the risk of invoking something that was already discussed to death (and
I was not aware): why not go with something established like P-521 that
would apparently be a drop-in replacement with OpenSSL? Are the benefits
really worth it?
--
Maxim Kammerer
Liberté Linux: http://dee.su/liberte
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20130813/991ab7f2/attachment.html>
More information about the tor-dev
mailing list