Closed eric1894 closed 6 years ago
We've got a semi-working curve25519 implementation on a testing clone. There are a few problems, though. First, the curve is not passing acceptance testing. Our questions about the issues on the eBATS went unanswered. Second, the prehashed curves fit well in the Crypto++ library but the non-prehashed do not. Third, we are still not sure of some of the design changes needed to accommodate the curves. The prehashed will fit OK within the framework, but we are still searching for a way to fit the non-prehashed signatures. Fourth, we have not cut in x25519 key exchange.
Also see Issue 761, "Add curve25519 for modern key agreement", and Issue 764, "Add ed25519 for modern signatures". The cut-ins are based on Andrew Moon's implementation.
The following page gives a list of safe curves to use with ECC:
http://safecurves.cr.yp.to/
As far as I can see, Crypto++ doesn't currently implement any of the safe curves listed on that page (e.g. Curve25519), and a lot of the curves that are implemented have known issues (e.g. secp256k1).
I'm no expert, but would I be right in thinking that the work that needs doing is: (1) adding a new OID to oids.h, and (2) adding the curve parameters to eccrypto.cpp?
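The key-agreement side of this thread (Issue 761, and the "x25519 key exchange" the maintainer's comment says has not yet been cut in) is the X25519 function of RFC 7748. The following is an added, self-contained pure-Python implementation of that function with a two-party exchange on top; it is not Crypto++ code and not Andrew Moon's implementation, and the function and variable names are mine. The test vectors are the ones published in RFC 7748 sections 5.2 and 6.1. Python integers are not constant-time, so this is a reference for checking a real implementation against, not something to ship.

```python
# Added example: X25519 (RFC 7748) in pure Python, plus a Diffie-Hellman
# exchange built on it.  Not Crypto++ code; names are this example's own.

P = 2**255 - 19        # field prime
A24 = 121665           # (486662 - 2) / 4 for Curve25519's Montgomery form
BASEPOINT_U = 9        # u-coordinate of the generator


def decode_scalar(k: bytes) -> int:
    """Clamp a 32-byte private scalar as RFC 7748 section 5 requires."""
    if len(k) != 32:
        raise ValueError("scalar must be 32 bytes")
    k = bytearray(k)
    k[0] &= 248          # clear the low 3 bits: multiple of the cofactor 8
    k[31] &= 127         # clear bit 255
    k[31] |= 64          # set bit 254 so the ladder runs a fixed length
    return int.from_bytes(k, "little")


def decode_u(u: bytes) -> int:
    """Decode a 32-byte little-endian u-coordinate, masking the unused top bit
    and reducing non-canonical encodings mod p, as the RFC requires."""
    if len(u) != 32:
        raise ValueError("u-coordinate must be 32 bytes")
    u = bytearray(u)
    u[31] &= 127
    return int.from_bytes(u, "little") % P


def encode_u(u: int) -> bytes:
    return (u % P).to_bytes(32, "little")


def cswap(swap: int, a: int, b: int):
    """Branch-free conditional swap (swap is 0 or 1)."""
    mask = -swap                      # 0 or all-ones
    dummy = mask & (a ^ b)
    return a ^ dummy, b ^ dummy


def x25519_int(k: int, u: int) -> int:
    """Montgomery ladder from RFC 7748 section 5; returns u([k]P)."""
    x1 = u
    x2, z2 = 1, 0
    x3, z3 = u, 1
    swap = 0
    for t in range(254, -1, -1):      # 255 bits, most significant first
        kt = (k >> t) & 1
        swap ^= kt
        x2, x3 = cswap(swap, x2, x3)
        z2, z3 = cswap(swap, z2, z3)
        swap = kt
        A = (x2 + z2) % P
        AA = A * A % P
        B = (x2 - z2) % P
        BB = B * B % P
        E = (AA - BB) % P
        C = (x3 + z3) % P
        D = (x3 - z3) % P
        DA = D * A % P
        CB = C * B % P
        x3 = pow(DA + CB, 2, P)
        z3 = x1 * pow(DA - CB, 2, P) % P
        x2 = AA * BB % P
        z2 = E * (AA + A24 * E) % P
    x2, x3 = cswap(swap, x2, x3)
    z2, z3 = cswap(swap, z2, z3)
    return x2 * pow(z2, P - 2, P) % P   # x2 / z2 via Fermat inversion


def x25519(k: bytes, u: bytes) -> bytes:
    """Byte-oriented X25519(k, u) exactly as RFC 7748 defines it."""
    return encode_u(x25519_int(decode_scalar(k), decode_u(u)))


def public_key(private: bytes) -> bytes:
    return x25519(private, encode_u(BASEPOINT_U))


def shared_secret(private: bytes, peer_public: bytes) -> bytes:
    """Diffie-Hellman with the all-zero check from RFC 7748 section 6.1,
    which rejects peer points of small order."""
    k = x25519(private, peer_public)
    if k == bytes(32):
        raise ValueError("peer public key has small order; refusing shared secret")
    return k


# Test vectors from RFC 7748 section 6.1 (Alice and Bob).
ALICE_PRIV = bytes.fromhex("77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a")
BOB_PRIV = bytes.fromhex("5dab087e624a8a4b79e17f8b83800ee66f3bb1292618b6fd1c2f8b27ff88e0eb")
RFC_SHARED = bytes.fromhex("4a5d9d5ba4ce2de1728e3bf480350f25e07e21c947d19e3376f09b3c1e161742")


def run_exchange() -> bytes:
    """Both sides of the exchange; returns the agreed key if they match."""
    alice_pub = public_key(ALICE_PRIV)
    bob_pub = public_key(BOB_PRIV)
    k_alice = shared_secret(ALICE_PRIV, bob_pub)
    k_bob = shared_secret(BOB_PRIV, alice_pub)
    if k_alice != k_bob:
        raise RuntimeError("exchange failed: sides disagree")
    return k_alice


if __name__ == "__main__":
    print("shared secret:", run_exchange().hex())
    print("matches RFC 7748:", run_exchange() == RFC_SHARED)
```

The small-order check in `shared_secret` matters in practice: the ladder happily returns the all-zero u-coordinate for the low-order points an attacker can send, and a protocol that keys on that value leaks nothing about the private key only if it refuses to proceed.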