3

I am new to security area. I came across mutiple words I can't understand and there is little infomration I can get from google.

  1. What is XDH/XEC, is the X means 'enhanced'? Are they just have a different way of generating key pair?
  2. According to RFC8422 ECDHE_ECDSA supports the EdDSA as well, does this means EdDSA is just a different set of curves?
Nick Allen
  • 131
  • 2
  • Hi Nick, welcome to cryptography SE. XDH is a computational hardness assumption described here.https://en.wikipedia.org/wiki/XDH_assumption . You may need to be familiar with CDH, DDH, co-CDH as well as pairings before you understand it. I don't think you need to know cryptography in such mathematical details to work in security either. – Manish Adhikari Aug 08 '21 at 03:54
  • 2
    And EdDSA is not ECDSA with a different curve. They are different algorithms that work in different ways. EdDSA is based on and thus similar to Schnorr's signature while ECDSA is elliptical curve version of DSA, which itself is based on El-Gamal signatures (kinda shorter version of it) ECDSA https://en.wikipedia.org/wiki/ECDSA EdDSA https://en.wikipedia.org/wiki/EdDSA – Manish Adhikari Aug 08 '21 at 03:57
  • 2
    @ManishAdhikari+ in this context I suspect XDH is the 'family' (so far, just pair) of Montgomery-ladder (X-only) DH methods created by Bernstein, originally named curve25519 and curve448 but renamed X25519 and X448 so he could reuse the curves (in Edwards form) for Ed25519 and Ed448. XEC might reference the slightly strained naming of classes in (Oracle/OpenJDK) Java for these schemes: the KeyAgreement is X# and Signature is ED# (ED because JCA ignores case) but the keys are {XEC,EdEC}{,Private,Public}Key. – dave_thompson_085 Aug 08 '21 at 07:11
  • @dave_thompson_085 yeah. I should have suspected because this was migrated from infosec I don't expect bi linear mapping with two different groups to appear wild in the industry. – Manish Adhikari Aug 08 '21 at 07:26
  • @ManishAdhikari Thanks for your hospitality. The reason cryptography confuse me is that I am just a developer which just integrating these algorithms. The mathematical detail are too much for me. I want to know XDH's relation to DH when it comes to integrating it. And why ECDHE_ECDSA supports EdDSA while they are different algothems. – Nick Allen Aug 09 '21 at 02:53
  • You don't need to bother with details to use cryptography. It is better to just use a well tested library or applications like openssl. Even then there is always a danger of using it wrongly so it is better to consult someone. – Manish Adhikari Aug 09 '21 at 03:26

0 Answers0