Change curve 25519 and curve 448 to ed25519 and ed448

[claucece]

It should follow the parameters defined for the edwards curves, as defined in RFC7748.

This is kind of related to #142 and #163 (as it should specify the encoding to be used).

cc./ @armfazh @chris-wood

[chris-wood]

We should close this and just move directly to ristretto255 and decaf448. @armfazh, please close if you agree!

[armfazh]

agree, let's move forward with those groups

[claucece]

Sure thing. As a read in the current draft, ristretto255 is an instantiation of the abstract prime-order group Curve25519, and it is using it's order, as defined in RFC7748. The base point is a base point (I think the ed25519 one) encoded in a Ristretto way: e2f2ae0a 6abc4e71 a884a961 c500515f 58e30b6a a582dd8d b6a65945 e08d2d76, and internally using ed25519 operations for scalarmul and others (and, therefore, internally using the ed25519 base point).

I'm not sure why it is specified:

The group order is the same as the order of the Curve25519 primeorder
subgroup:
l = 2^252 + 27742317777372353535851937790883648493

and not directly the edwards one.

Just noting it here, as we need to specify the generator for Generator(), for internal edwards operations. Although, decoding the ristretto encoding into edwards should do the trick.

I'm not sure if the authors are going to specify in a different way the addition, negation, and the derived subtraction and (multi-)scalar multiplication, but I'll follow the ed25519 ones.

On decaf448, they are using edwards448 as defined RFC7748.

[claucece]

Closing this. See #163