ed25519 adoption -- challenges

Question

If ed25519 is that attractive that it seems to be, can someone explain why adoption has been slow and if there are, if any, challenges with implementing ed25519.

Nathan Aw

The same reason ordinary people don't use Linux on their desktop computers. — DannyNiu, Mar 08 '18 at 09:20
How has adoption been slow? It's not even 7 years old and already quite popular. — CodesInChaos, Mar 08 '18 at 10:35

score 4 · Accepted Answer · answered Mar 08 '18 at 10:31

In general, assumptions that have been around for a long time are considered far preferable to new ones. Although a new curve is not strictly a new assumption, these curves do have special structure and so may contain surprises. This is not to say that they do contain surprises, and indeed they are not vulnerable to any KNOWN attacks (but that is only what is known). Also, note that EdDSA may be less side-channel resistant than expected, as shown in Daniel Genkin's talk at RWC 2018.

score 1 · Answer 2 · answered Mar 08 '18 at 09:31

1

Most CAs are business-oriented, meaning their certificate issuing software system are written under bureaucratic forces - the result of this type of software development, is that update to products often take years if not decades to occur.

So when the non-techy shareholders sitting around board table, the last thing they can understand is the advantageous properties of EdDSA such as misuse-resistant, side-channel safe, etc. No wonder why they can't move forward to invest in that.

answered Mar 08 '18 at 09:31

DannyNiu

9,207
2
24
57

1

Note that, in PKI, you have a significant chicken/egg problem; CA's won't issue EdDSA certs unless all the clients needing to accept the certs will understand them, and the people writing the clients won't bother supporting those certs unless there's actually some in the field. There are some ways around this particular chicken/egg; however it still takes a while... – poncho Mar 08 '18 at 18:37

ed25519 adoption -- challenges

2 Answers2