Switch from Secp256k1 to Curve25519 or Curve448

nucypher / zerodb

*This project is no longer actively maintained. If you'd like to become the maintainer, please let us know.* ZeroDB is an end-to-end encrypted database. Data can be stored and queried on untrusted database servers without ever exposing the encryption key. Clients can execute remote queries against the encrypted data without downloading all of it or suffering an excessive performance hit.

GNU Affero General Public License v3.0

1.56k stars 102 forks source link

Switch from Secp256k1 to Curve25519 or Curve448 #17

Closed mswilkison closed 8 years ago

mswilkison commented 8 years ago

Both are now an official standards: https://www.rfc-editor.org/info/rfc7748

michwill commented 8 years ago

I believe, Curve25519 makes sense by default since it's the fastest and de-facto standard of ECC these days. 448 is also safe but 3 times slower iirc

michwill commented 8 years ago

Actually, we use asymmetric crypto only during auth, so performance doesn't matter. That becomes unnecessary when we wrap everything into SSL (which we should do, even though everything is already encrypted) (so, particular crypto parameters will be a part of the certificate)

michwill commented 8 years ago

Using standard SSL now