bitwiseshiftleft / sjcl

Stanford Javascript Crypto Library
http://bitwiseshiftleft.github.com/sjcl/

non-Weierstrass curves #147

Closed pera closed 10 years ago

pera commented 10 years ago

Would it be possible to use alternative curves like Montgomery and Edwards? I would like to use curve25519.

cheers

bitwiseshiftleft commented 10 years ago

Yes. But SJCL isn’t designed as a complete toolbox that implements every primitive; we selected just a few which we hope will be good enough, so as to reduce complexity. That’s why there’s no Curve25519.

On Jan 13, 2014, at 4:46 PM, pera notifications@github.com wrote:

Would it be possible to use alternative curves like Montgomery? I would like to use curve25519.

cheers

pera commented 10 years ago

I understand, reducing complexity in a relatively new crypto library seems like the right decision... but still, it would be awesome to construct Montgomery and Edwards curves with sjcl.ecc.curve(). Especially after the latest (and not so) revelations concerning NIST's recommended ECC. Thanks

alax commented 10 years ago

@pera The only revelations concerning the NIST's recommendations are regarding Dual_EC_DRBG, which is a random number generator based on elliptic curves. It has absolutely nothing to do with the asymmetric cryptography curves.

pera commented 10 years ago

@alax Yes, s/ECC/EC CSPRNG/, sorry. I didn't try to say that SJCL included any known backdoored curve, but only that some people are moving away from NIST recommended curves because they don't trust them anymore, and that currently SJCL is only able to construct Weierstrass form curves. Though afaik there is no evidence of any potential risk in using those parameters...

Nilos commented 10 years ago

I created a ticket to keep track of all curve addition requests here: #158. Closing this ticket for cleanness of backlog.
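
Added example, not part of the thread and not SJCL code: the standard change of variables that rewrites the Montgomery curve Curve25519 (y^2 = x^3 + A*x^2 + x) in the short Weierstrass form (v^2 = u^3 + a*u + b) that the thread says SJCL constructs. `P` and `A` are the published Curve25519 parameters; every function name is hypothetical, and no SJCL API is called.

```javascript
// Published Curve25519 parameters: field prime and Montgomery coefficient.
const P = 2n ** 255n - 19n;
const A = 486662n;

// Reduce into [0, P), also for negative intermediate values.
const mod = (x) => ((x % P) + P) % P;

// Square-and-multiply modular exponentiation.
function modPow(base, exp) {
  let result = 1n;
  let b = mod(base);
  while (exp > 0n) {
    if (exp & 1n) result = mod(result * b);
    b = mod(b * b);
    exp >>= 1n;
  }
  return result;
}

// Field inverse via Fermat's little theorem (P is prime).
const inv = (x) => modPow(x, P - 2n);

// Substituting x = u - A/3 removes the x^2 term and yields
// a = (3 - A^2)/3 and b = (2A^3 - 9A)/27 (all arithmetic mod P).
function weierstrassParams() {
  const a = mod((3n - A * A) * inv(3n));
  const b = mod((2n * A ** 3n - 9n * A) * inv(27n));
  return { a, b };
}

// Map a Montgomery x-coordinate to the Weierstrass u-coordinate (y is unchanged).
const toWeierstrassU = (x) => mod(x + A * inv(3n));

// Right-hand sides of the two curve equations.
const montRhs = (x) => mod(x ** 3n + A * x * x + x);
const weierRhs = (u, { a, b }) => mod(u ** 3n + a * u + b);

// Euler's criterion: true when v has a square root mod P.
const isSquare = (v) => v === 0n || modPow(v, (P - 1n) / 2n) === 1n;

// A short Weierstrass curve is usable only if 4a^3 + 27b^2 != 0.
const isNonSingular = ({ a, b }) => mod(4n * a ** 3n + 27n * b * b) !== 0n;

console.log(weierstrassParams());
```

The map preserves the group, but running Curve25519 through generic Weierstrass point arithmetic gives up the Montgomery ladder that X25519 implementations rely on.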