monero-project/monero-docs
monero-project/monero-docs
2
1
Fork 0
mirror of https://github.com/monero-project/monero-docs.git synced 2025-01-10 12:54:41 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
monero-docs/public/cryptography/asymmetric/edwards25519/index.html

1204 lines
31 KiB
HTML
Raw Normal View History

Build to /public in preparation for self-hosting
2021-01-21 14:52:04 +00:00
<!doctype html>
<html lang="en" class="no-js">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width,initial-scale=1">
<meta name="description" content="Unofficial Monero Documentation">
<meta name="author" content="Piotr 'Qertoip' Włodarek">
<link rel="canonical" href="https://monerodocs.org/cryptography/asymmetric/edwards25519/">
<link rel="shortcut icon" href="../../../assets/images/favicon.png">
<meta name="generator" content="mkdocs-1.1.2, mkdocs-material-6.2.5">
<title>Edwards25519 Elliptic Curve - Monero Documentation</title>
<link rel="stylesheet" href="../../../assets/stylesheets/main.15aa0b43.min.css">
<link rel="stylesheet" href="../../../assets/stylesheets/palette.75751829.min.css">
<meta name="theme-color" content="#ffffff">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto:300,400,400i,700%7CRoboto+Mono&display=fallback">
<style>body,input{font-family:"Roboto",-apple-system,BlinkMacSystemFont,Helvetica,Arial,sans-serif}code,kbd,pre{font-family:"Roboto Mono",SFMono-Regular,Consolas,Menlo,monospace}</style>
<link rel="stylesheet" href="../../../overrides.css">
</head>
<body dir="ltr" data-md-color-scheme="" data-md-color-primary="white" data-md-color-accent="indigo">
<input class="md-toggle" data-md-toggle="drawer" type="checkbox" id="__drawer" autocomplete="off">
<input class="md-toggle" data-md-toggle="search" type="checkbox" id="__search" autocomplete="off">
<label class="md-overlay" for="__drawer"></label>
<div data-md-component="skip">
<a href="#edwards25519-elliptic-curve" class="md-skip">
Skip to content
</a>
</div>
<div data-md-component="announce">
</div>
<header class="md-header" data-md-component="header">
<nav class="md-header-nav md-grid" aria-label="Header">
<a href="https://monerodocs.org" title="Monero Documentation" class="md-header-nav__button md-logo" aria-label="Monero Documentation">
<img src="../../../images/monero.svg" alt="logo">
</a>
<label class="md-header-nav__button md-icon" for="__drawer">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M3 6h18v2H3V6m0 5h18v2H3v-2m0 5h18v2H3v-2z"/></svg>
</label>
<div class="md-header-nav__title" data-md-component="header-title">
<div class="md-header-nav__ellipsis">
<div class="md-header-nav__topic">
<span class="md-ellipsis">
Monero Documentation
</span>
</div>
<div class="md-header-nav__topic">
<span class="md-ellipsis">
Edwards25519 Elliptic Curve
</span>
</div>
</div>
</div>
<label class="md-header-nav__button md-icon" for="__search">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0116 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 019.5 16 6.5 6.5 0 013 9.5 6.5 6.5 0 019.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5z"/></svg>
</label>
<div class="md-search" data-md-component="search" role="dialog">
<label class="md-search__overlay" for="__search"></label>
<div class="md-search__inner" role="search">
<form class="md-search__form" name="search">
<input type="text" class="md-search__input" name="query" aria-label="Search" placeholder="Search" autocapitalize="off" autocorrect="off" autocomplete="off" spellcheck="false" data-md-component="search-query" data-md-state="active" required>
<label class="md-search__icon md-icon" for="__search">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0116 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 019.5 16 6.5 6.5 0 013 9.5 6.5 6.5 0 019.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5z"/></svg>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12z"/></svg>
</label>
<button type="reset" class="md-search__icon md-icon" aria-label="Clear" data-md-component="search-reset" tabindex="-1">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M19 6.41L17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12 19 6.41z"/></svg>
</button>
</form>
<div class="md-search__output">
<div class="md-search__scrollwrap" data-md-scrollfix>
<div class="md-search-result" data-md-component="search-result">
<div class="md-search-result__meta">
Initializing search
</div>
<ol class="md-search-result__list"></ol>
</div>
</div>
</div>
</div>
</div>
<div class="md-header-nav__source">
<a href="https://github.com/monerodocs/md/" title="Go to repository" class="md-source">
<div class="md-source__icon md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><path d="M439.55 236.05L244 40.45a28.87 28.87 0 00-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 01-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 000 40.81l195.61 195.6a28.86 28.86 0 0040.8 0l194.69-194.69a28.86 28.86 0 000-40.81z"/></svg>
</div>
<div class="md-source__repository">
monerodocs/md
</div>
</a>
</div>
</nav>
</header>
<div class="md-container" data-md-component="container">
<main class="md-main" data-md-component="main">
<div class="md-main__inner md-grid">
<div class="md-sidebar md-sidebar--primary" data-md-component="navigation" >
<div class="md-sidebar__scrollwrap">
<div class="md-sidebar__inner">
<nav class="md-nav md-nav--primary" aria-label="Navigation" data-md-level="0">
<label class="md-nav__title" for="__drawer">
<a href="https://monerodocs.org" title="Monero Documentation" class="md-nav__button md-logo" aria-label="Monero Documentation">
<img src="../../../images/monero.svg" alt="logo">
</a>
Monero Documentation
</label>
<div class="md-nav__source">
<a href="https://github.com/monerodocs/md/" title="Go to repository" class="md-source">
<div class="md-source__icon md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><path d="M439.55 236.05L244 40.45a28.87 28.87 0 00-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 01-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 000 40.81l195.61 195.6a28.86 28.86 0 0040.8 0l194.69-194.69a28.86 28.86 0 000-40.81z"/></svg>
</div>
<div class="md-source__repository">
monerodocs/md
</div>
</a>
</div>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../.." class="md-nav__link">
Home
</a>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="nav-2" type="checkbox" id="nav-2" >
<label class="md-nav__link" for="nav-2">
Interacting
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Interacting" data-md-level="1">
<label class="md-nav__title" for="nav-2">
<span class="md-nav__icon md-icon"></span>
Interacting
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../interacting/download-monero-binaries/" class="md-nav__link">
Download
</a>
</li>
<li class="md-nav__item">
<a href="../../../interacting/verify-monero-binaries/" class="md-nav__link">
Verify
</a>
</li>
<li class="md-nav__item">
<a href="../../../interacting/overview/" class="md-nav__link">
Overview
</a>
</li>
<li class="md-nav__item">
<a href="../../../interacting/monero-config-file/" class="md-nav__link">
Config file
</a>
</li>
<li class="md-nav__item">
<a href="../../../interacting/monerod-reference/" class="md-nav__link">
monerod
</a>
</li>
<li class="md-nav__item">
<a href="../../../interacting/monero-wallet-cli-reference/" class="md-nav__link">
monero-wallet-cli
</a>
</li>
<li class="md-nav__item">
<a href="../../../interacting/monero-wallet-gui-reference/" class="md-nav__link">
monero-wallet-gui
</a>
</li>
<li class="md-nav__item">
<a href="../../../interacting/monero-wallet-rpc-reference/" class="md-nav__link">
monero-wallet-rpc
</a>
</li>
<li class="md-nav__item">
<a href="../../../interacting/monero-blockchain-export-reference/" class="md-nav__link">
monero-blockchain-export
</a>
</li>
<li class="md-nav__item">
<a href="../../../interacting/monero-blockchain-import-reference/" class="md-nav__link">
monero-blockchain-import
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="../../../technical-specs/" class="md-nav__link">
Technical specs
</a>
</li>
<li class="md-nav__item md-nav__item--active md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="nav-4" type="checkbox" id="nav-4" checked>
<label class="md-nav__link" for="nav-4">
Cryptography
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Cryptography" data-md-level="1">
<label class="md-nav__title" for="nav-4">
<span class="md-nav__icon md-icon"></span>
Cryptography
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../introduction/" class="md-nav__link">
Introduction
</a>
</li>
<li class="md-nav__item md-nav__item--active md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="nav-4-2" type="checkbox" id="nav-4-2" checked>
<label class="md-nav__link" for="nav-4-2">
Asymmetric
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Asymmetric" data-md-level="2">
<label class="md-nav__title" for="nav-4-2">
<span class="md-nav__icon md-icon"></span>
Asymmetric
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../introduction/" class="md-nav__link">
Introduction
</a>
</li>
<li class="md-nav__item">
<a href="../private-key/" class="md-nav__link">
Private keys
</a>
</li>
<li class="md-nav__item">
<a href="../public-key/" class="md-nav__link">
Public keys
</a>
</li>
<li class="md-nav__item md-nav__item--active">
<input class="md-nav__toggle md-toggle" data-md-toggle="toc" type="checkbox" id="__toc">
<label class="md-nav__link md-nav__link--active" for="__toc">
Edwards25519 curve
<span class="md-nav__icon md-icon"></span>
</label>
<a href="./" class="md-nav__link md-nav__link--active">
Edwards25519 curve
</a>
<nav class="md-nav md-nav--secondary" aria-label="Table of contents">
<label class="md-nav__title" for="__toc">
<span class="md-nav__icon md-icon"></span>
Table of contents
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="#definition" class="md-nav__link">
Definition
</a>
<nav class="md-nav" aria-label="Definition">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#curve-equation" class="md-nav__link">
Curve equation
</a>
</li>
<li class="md-nav__item">
<a href="#base-point-g" class="md-nav__link">
Base point: G
</a>
</li>
<li class="md-nav__item">
<a href="#prime-order-of-the-base-point-l" class="md-nav__link">
Prime order of the base point: l
</a>
</li>
<li class="md-nav__item">
<a href="#total-number-of-points-on-the-curve" class="md-nav__link">
Total number of points on the curve
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#implementation" class="md-nav__link">
Implementation
</a>
</li>
<li class="md-nav__item">
<a href="#reference" class="md-nav__link">
Reference
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="../key-image/" class="md-nav__link">
Key image
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="../../base58/" class="md-nav__link">
Base58
</a>
</li>
<li class="md-nav__item">
<a href="../../prng/" class="md-nav__link">
PRNG
</a>
</li>
<li class="md-nav__item">
<a href="../../keccak-256/" class="md-nav__link">
Keccak-256
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="nav-5" type="checkbox" id="nav-5" >
<label class="md-nav__link" for="nav-5">
Address
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Address" data-md-level="1">
<label class="md-nav__title" for="nav-5">
<span class="md-nav__icon md-icon"></span>
Address
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../public-address/standard-address/" class="md-nav__link">
Standard
</a>
</li>
<li class="md-nav__item">
<a href="../../../public-address/subaddress/" class="md-nav__link">
Subaddress
</a>
</li>
<li class="md-nav__item">
<a href="../../../public-address/integrated-address/" class="md-nav__link">
Integrated
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="nav-6" type="checkbox" id="nav-6" >
<label class="md-nav__link" for="nav-6">
Proof of Work
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Proof of Work" data-md-level="1">
<label class="md-nav__title" for="nav-6">
<span class="md-nav__icon md-icon"></span>
Proof of Work
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../proof-of-work/what-is-pow/" class="md-nav__link">
What is PoW?
</a>
</li>
<li class="md-nav__item">
<a href="../../../proof-of-work/pow-in-cryptocurrencies/" class="md-nav__link">
PoW in Cryptocurrencies
</a>
</li>
<li class="md-nav__item">
<a href="../../../proof-of-work/cryptonight/" class="md-nav__link">
CryptoNight
</a>
</li>
<li class="md-nav__item">
<a href="../../../proof-of-work/random-x/" class="md-nav__link">
RandomX
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="../../../multisignature/" class="md-nav__link">
Multisignature
</a>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="nav-8" type="checkbox" id="nav-8" >
<label class="md-nav__link" for="nav-8">
Infrastructure
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Infrastructure" data-md-level="1">
<label class="md-nav__title" for="nav-8">
<span class="md-nav__icon md-icon"></span>
Infrastructure
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../infrastructure/networks/" class="md-nav__link">
Mainnet, stagenet, testnet
</a>
</li>
<li class="md-nav__item">
<a href="../../../infrastructure/tor-onion-p2p-seed-nodes/" class="md-nav__link">
Tor onion seed nodes
</a>
</li>
<li class="md-nav__item">
<a href="../../../infrastructure/monero-pulse/" class="md-nav__link">
MoneroPulse
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="nav-9" type="checkbox" id="nav-9" >
<label class="md-nav__link" for="nav-9">
Running a Node
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Running a Node" data-md-level="1">
<label class="md-nav__title" for="nav-9">
<span class="md-nav__icon md-icon"></span>
Running a Node
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../running-node/open-node-tor-onion/" class="md-nav__link">
Open Node + Tor Onion
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle" data-md-toggle="nav-10" type="checkbox" id="nav-10" >
<label class="md-nav__link" for="nav-10">
Accepting Monero
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Accepting Monero" data-md-level="1">
<label class="md-nav__title" for="nav-10">
<span class="md-nav__icon md-icon"></span>
Accepting Monero
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../../accepting-monero/overview/" class="md-nav__link">
Overview
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</div>
</div>
</div>
<div class="md-sidebar md-sidebar--secondary" data-md-component="toc" >
<div class="md-sidebar__scrollwrap">
<div class="md-sidebar__inner">
<nav class="md-nav md-nav--secondary" aria-label="Table of contents">
<label class="md-nav__title" for="__toc">
<span class="md-nav__icon md-icon"></span>
Table of contents
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="#definition" class="md-nav__link">
Definition
</a>
<nav class="md-nav" aria-label="Definition">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#curve-equation" class="md-nav__link">
Curve equation
</a>
</li>
<li class="md-nav__item">
<a href="#base-point-g" class="md-nav__link">
Base point: G
</a>
</li>
<li class="md-nav__item">
<a href="#prime-order-of-the-base-point-l" class="md-nav__link">
Prime order of the base point: l
</a>
</li>
<li class="md-nav__item">
<a href="#total-number-of-points-on-the-curve" class="md-nav__link">
Total number of points on the curve
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#implementation" class="md-nav__link">
Implementation
</a>
</li>
<li class="md-nav__item">
<a href="#reference" class="md-nav__link">
Reference
</a>
</li>
</ul>
</nav>
</div>
</div>
</div>
<div class="md-content">
<article class="md-content__inner md-typeset">
<a href="https://github.com/monerodocs/md/edit/master/docs/cryptography/asymmetric/edwards25519.md" title="Edit this page" class="md-content__button md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20.71 7.04c.39-.39.39-1.04 0-1.41l-2.34-2.34c-.37-.39-1.02-.39-1.41 0l-1.84 1.83 3.75 3.75M3 17.25V21h3.75L17.81 9.93l-3.75-3.75L3 17.25z"/></svg>
</a>
<h1 id="edwards25519-elliptic-curve">Edwards25519 Elliptic Curve<a class="headerlink" href="#edwards25519-elliptic-curve" title="Permanent link">&para;</a></h1>
<div class="admonition note">
<p class="admonition-title">Note</p>
<p>Author is nowhere close to being a cryptographer. Be sceptical on accuracy.</p>
</div>
<div class="admonition note">
<p class="admonition-title">Note</p>
<p>This article is only about the underlying curve. Public key derivation and signing algorithm will be treated separately. </p>
</div>
<p>Monero employs edwards25519 elliptic curve as a basis for its key pair generation.</p>
<p>The curve comes from the Ed25519 signature scheme. While Monero takes the curve unchanged, it does not exactly follow rest of the Ed25519.</p>
<p>The edwards25519 curve is <a href="https://tools.ietf.org/html/rfc7748#section-4.1">birationally equivalent to Curve25519</a>.</p>
<h2 id="definition">Definition<a class="headerlink" href="#definition" title="Permanent link">&para;</a></h2>
<p>This is the standard edwards25519 curve definition, no Monero specific stuff here,
except the naming convention. The convention comes from the CryptoNote
whitepaper and is widely used in Monero literature.</p>
<h3 id="curve-equation">Curve equation<a class="headerlink" href="#curve-equation" title="Permanent link">&para;</a></h3>
<div class="highlight"><pre><span></span><code>x^2 + y^2 = 1 (121665/121666) * x^2 * y^2
</code></pre></div>
<p>Note:</p>
<ul>
<li>curve is in two dimensions (nothing fancy, like all the curves is high school)</li>
<li>curve is mirrored below y axis due to <code>y^2</code> part of the equation (not a polynomial)</li>
</ul>
<h3 id="base-point-g">Base point: <code>G</code><a class="headerlink" href="#base-point-g" title="Permanent link">&para;</a></h3>
<p>The base point is a specific point on the curve. It is used
as a basis for further calculations. It is an arbitrary choice
by the curve authors, just to standardize the scheme.</p>
<p>Note that it is enough to specify the y value and the sign of the x value.
That's because the specific x can be calculated from the curve equation.</p>
<div class="highlight"><pre><span></span><code>G = (x, 4/5) # take the point with the positive x
# The hex representation of the base point
5866666666666666666666666666666666666666666666666666666666666666
</code></pre></div>
<h3 id="prime-order-of-the-base-point-l">Prime order of the base point: <code>l</code><a class="headerlink" href="#prime-order-of-the-base-point-l" title="Permanent link">&para;</a></h3>
<p>In layment terms, the "canvas" where the curve is drawn is assumed
to have a finite "resolution", so point coordinates must "wrap around"
at some point. This is achieved by modulo the <code>l</code> value (lowercase L).
In other words, the <code>l</code> defines the maximum scalar we can use.</p>
<div class="highlight"><pre><span></span><code>l = 2^252 + 27742317777372353535851937790883648493
# =&gt; 7237005577332262213973186563042994240857116359379907606001950938285454250989
</code></pre></div>
<p>The <code>l</code> is a prime number specified by the curve authors.</p>
<p>In practice this is the private key's strength.</p>
<h3 id="total-number-of-points-on-the-curve">Total number of points on the curve<a class="headerlink" href="#total-number-of-points-on-the-curve" title="Permanent link">&para;</a></h3>
<p>The total number of points on the curve is also a prime number:</p>
<div class="highlight"><pre><span></span><code>q = 2^255 - 19
</code></pre></div>
<p>In practice not all points are "useful" and so the private key strength is limited to <code>l</code> describe above.</p>
<h2 id="implementation">Implementation<a class="headerlink" href="#implementation" title="Permanent link">&para;</a></h2>
<p>Monero uses (apparently modified) Ref10 implementation by Daniel J. Bernstein.</p>
<h2 id="reference">Reference<a class="headerlink" href="#reference" title="Permanent link">&para;</a></h2>
<ul>
<li><a href="https://blog.cloudflare.com/a-relatively-easy-to-understand-primer-on-elliptic-curve-cryptography/">A (Relatively Easy To Understand) Primer on Elliptic Curve Cryptography</a></li>
<li><a href="https://tools.ietf.org/html/rfc8032">RFC 8032 defining EdDSA</a></li>
<li><a href="https://steemit.com/monero/@luigi1111/understanding-monero-cryptography-privacy-introduction">Understanding Monero Cryptography</a> - excellent writeup by Luigi</li>
<li><a href="https://monero.stackexchange.com/questions/2290/why-how-does-monero-generate-public-ed25519-keys-without-using-the-standard-publ">StackOverflow answer</a></li>
<li><a href="https://github.com/monero-project/mininero/blob/master/ed25519.py">Python implementation</a> - not the reference one but easier to understand</li>
<li><a href="https://monero.stackexchange.com/questions/6050/what-is-the-base-point-g-from-the-whitepaper-and-how-is-it-represented-as-a">Encoding point to hex</a></li>
<li><a href="https://en.wikipedia.org/wiki/EdDSA">EdDSA on Wikipedia</a></li>
</ul>
</article>
</div>
</div>
</main>
<footer class="md-footer">
<div class="md-footer-nav">
<nav class="md-footer-nav__inner md-grid" aria-label="Footer">
<a href="../public-key/" class="md-footer-nav__link md-footer-nav__link--prev" rel="prev">
<div class="md-footer-nav__button md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12z"/></svg>
</div>
<div class="md-footer-nav__title">
<div class="md-ellipsis">
<span class="md-footer-nav__direction">
Previous
</span>
Public keys
</div>
</div>
</a>
<a href="../key-image/" class="md-footer-nav__link md-footer-nav__link--next" rel="next">
<div class="md-footer-nav__title">
<div class="md-ellipsis">
<span class="md-footer-nav__direction">
Next
</span>
Key image
</div>
</div>
<div class="md-footer-nav__button md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M4 11v2h12l-5.5 5.5 1.42 1.42L19.84 12l-7.92-7.92L10.5 5.5 16 11H4z"/></svg>
</div>
</a>
</nav>
</div>
<div class="md-footer-meta md-typeset">
<div class="md-footer-meta__inner md-grid">
<div class="md-footer-copyright">
Made with
<a href="https://squidfunk.github.io/mkdocs-material/" target="_blank" rel="noopener">
Material for MkDocs
</a>
</div>
</div>
</div>
</footer>
</div>
<script src="../../../assets/javascripts/vendor.93c04032.min.js"></script>
<script src="../../../assets/javascripts/bundle.83e5331e.min.js"></script><script id="__lang" type="application/json">{"clipboard.copy": "Copy to clipboard", "clipboard.copied": "Copied to clipboard", "search.config.lang": "en", "search.config.pipeline": "trimmer, stopWordFilter", "search.config.separator": "[\\s\\-]+", "search.placeholder": "Search", "search.result.placeholder": "Type to start searching", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.term.missing": "Missing"}</script>
<script>
app = initialize({
base: "../../..",
features: [],
search: Object.assign({
worker: "../../../assets/javascripts/worker/search.8c7e0a7e.min.js"
}, typeof search !== "undefined" && search)
})
</script>
</body>
</html>
Reference in a new issue Copy permalink