
Curve25519


In cryptography, Curve25519 is an elliptic curve designed for use with the elliptic-curve Diffie–Hellman (ECDH) key-exchange scheme, providing 256-bit keys. It is one of the fastest ECC curves not covered by any known patents.[1][2]

The original Curve25519 paper defined it as a Diffie–Hellman (DH) function. Daniel J. Bernstein has since proposed that Curve25519 be used as the name of the underlying curve, and X25519 as the name of its DH function.[3]

Mathematical properties

The curve used is y^2 = x^3 + 486662x^2 + x, a Montgomery curve, over the quadratic extension of the prime field defined by the prime 2^255 − 19, and it uses the base point x = 9. The order of this base point is given in [4].

The protocol uses compressed elliptic-curve points (the X coordinate only), so it allows the Montgomery ladder to be used efficiently for ECDH, working in XZ coordinates alone.[5]

Curve25519 is constructed so that it avoids many potential implementation pitfalls.[6] By design, it is immune to timing attacks, and it accepts any 32-byte string as a valid public key, with no validation required.

The curve is birationally equivalent to the twisted Edwards curve used in the Ed25519 signature scheme.[7]
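As an added example (written for this page, not the page's, Bernstein's or any library's code), the pieces described above assembled into the X25519 function as specified in RFC 7748: the clamped scalar, the Montgomery ladder on XZ coordinates with a branch-free swap, and a decoder that accepts any 32-byte string as the peer's value. The only check it adds is the one RFC 7748 recommends, rejecting an all-zero shared secret; Python big-integer arithmetic is not constant-time, so the block is for study rather than production use.

```python
# Added X25519 (RFC 7748) illustration; not the page's or any library's code.
# Python big ints are not constant-time, so this is for study, not production.
P = 2**255 - 19                      # the prime defining the field
A24 = (486662 - 2) // 4              # (A - 2) / 4 for the curve coefficient 486662
BASE_U = (9).to_bytes(32, "little")  # the base point x = 9, encoded

def decode_scalar(k: bytes) -> int:
    """Clamp a 32-byte private key the way X25519 prescribes."""
    b = bytearray(k)
    b[0] &= 248   # clear the low 3 bits: multiplies by the cofactor 8
    b[31] &= 127  # clear bit 255
    b[31] |= 64   # set bit 254 so every ladder run has the same length
    return int.from_bytes(b, "little")

def decode_u(u: bytes) -> int:
    """Any 32-byte string is accepted as a u-coordinate; bit 255 is ignored."""
    return int.from_bytes(u, "little") & ((1 << 255) - 1)

def cswap(swap: int, a: int, b: int):
    d = (a ^ b) & -swap  # branch-free conditional swap via an arithmetic mask
    return a ^ d, b ^ d
def ladder(k: int, u: int) -> int:
    """Montgomery ladder on XZ coordinates: returns the u-coordinate of k*P."""
    x1, x2, z2, x3, z3, swap = u, 1, 0, u, 1, 0
    for t in range(254, -1, -1):  # one step per scalar bit, fixed iteration count
        kt = (k >> t) & 1
        swap ^= kt
        x2, x3 = cswap(swap, x2, x3)
        z2, z3 = cswap(swap, z2, z3)
        swap = kt
        a, b = (x2 + z2) % P, (x2 - z2) % P
        aa, bb = a * a % P, b * b % P
        e = (aa - bb) % P
        c, d = (x3 + z3) % P, (x3 - z3) % P
        da, cb = d * a % P, c * b % P
        x3, z3 = (da + cb) ** 2 % P, x1 * (da - cb) ** 2 % P  # differential add
        x2, z2 = aa * bb % P, e * (aa + A24 * e) % P          # doubling
    x2, x3 = cswap(swap, x2, x3)
    z2, z3 = cswap(swap, z2, z3)
    return x2 * pow(z2, P - 2, P) % P  # one field inversion at the end: x / z

def x25519(private_key: bytes, peer_u: bytes) -> bytes:
    """The X25519 function: 32-byte scalar and 32-byte u in, 32-byte u out."""
    return ladder(decode_scalar(private_key), decode_u(peer_u)).to_bytes(32, "little")

def shared_secret(private_key: bytes, peer_public: bytes) -> bytes:
    """RFC 7748 recommends rejecting an all-zero result (low-order peer point)."""
    s = x25519(private_key, peer_public)
    if s == bytes(32):
        raise ValueError("low-order public key: all-zero shared secret")
    return s
```

Both parties compute `x25519(own_private, peer_public)` and obtain the same 32 bytes; a peer value such as all-0xFF is accepted without error because bit 255 is masked and the ladder never needs the point to be on the curve rather than its twist.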

Popularity

Protocols

Applications

Notes

  1. Used since Windows 10 (1607) and Windows Server 2016.
  2. Via the OMEMO protocol
  3. Only in "secret conversations"
  4. Via the Signal Protocol
  5. Only in "incognito mode"
  6. Used to sign releases and packages[32][33]
  7. Exclusive key exchange in OpenSSH 6.7 when compiled without OpenSSL.[34][35]

See also

References

  1. Bernstein. Irrelevant patents on elliptic-curve cryptography. cr.yp.to. Retrieved 2016-02-08. Archived from the original on 2017-08-25.
  2. A state-of-the-art Diffie-Hellman function (archived at the Internet Archive) by Daniel J. Bernstein: "My curve25519 library computes the Curve25519 function at very high speed. The library is in the public domain."
  3. [Cfrg] 25519 naming. Retrieved 2016-02-25. Archived from the original on 2018-04-08.
  4. Bernstein, Daniel J. Curve25519: New Diffie-Hellman Speed Records (PDF). In Yung, Moti; Dodis, Yevgeniy; Kiayias, Aggelos; et al. (eds.). Public Key Cryptography. Lecture Notes in Computer Science 3958. New York: Springer. 2006. pp. 207–228. ISBN 978-3-540-33851-2. MR 2423191. doi:10.1007/11745853_14. Retrieved 2019-10-22. Archived from the original (PDF) on 2020-01-22.
  5. Lange, Tanja. EFD / Genus-1 large-characteristic / XZ coordinates for Montgomery curves. EFD / Explicit-Formulas Database. Retrieved 8 February 2016. Archived from the original on 2017-03-09.
  6. SafeCurves: Introduction. safecurves.cr.yp.to. Retrieved 2016-02-08. Archived from the original on 2017-09-05.
  7. Bernstein, Daniel J.; Lange, Tanja. Faster addition and doubling on elliptic curves. In Kurosawa, Kaoru (ed.). Advances in cryptology—ASIACRYPT. Lecture Notes in Computer Science 4833. Berlin: Springer. 2007. pp. 29–50. ISBN 978-3-540-76899-9. MR 2565722. doi:10.1007/978-3-540-76900-2_3. Retrieved 2018-12-10. Archived from the original on 2018-12-15.
  8. Werner Koch. Libgcrypt 1.7.0 release announcement. 15 April 2016. Retrieved 22 April 2016. Archived from the original on 2017-01-22.
  9. SSH implementation comparison. Comparison of key exchange methods. Retrieved 2016-02-25. Archived from the original on 2017-09-24.
  10. Introduction. yp.to. Retrieved 11 December 2014. Archived from the original on 2017-10-07.
  11. nettle: curve25519.h File Reference - doxygen documentation | Fossies Dox. fossies.org. Retrieved 2015-05-19. Archived from the original on 2015-05-20.
  12. ARM Limited. PolarSSL 1.3.3 released - Tech Updates - mbed TLS (Previously PolarSSL). tls.mbed.org. Retrieved 2015-05-19. Archived from the original on 2017-01-22.
  13. wolfSSL Embedded SSL/TLS Library - wolfSSL Products. Retrieved 2018-05-01. Archived from the original on 2017-09-08.
  14. Botan: src/lib/pubkey/curve25519/curve25519.cpp Source File. botan.randombit.net. Retrieved 2018-05-01. Archived from the original on 2017-12-10.
  15. Justinha. TLS (Schannel SSP). docs.microsoft.com. Retrieved 2017-09-15. Archived from the original on 2018-02-28.
  16. Denis, Frank. Introduction · libsodium. libsodium.org. Retrieved 2020-09-25. Archived from the original on 2019-09-24.
  17. OpenSSL Foundation, Inc. OpenSSL. www.openssl.org. Retrieved 2016-06-24. Archived from the original on 2018-03-17.
  18. Add support for ECDHE with X25519. · openbsd/src@0ad90c3. GitHub. Retrieved 2018-05-01. Archived from the original on 2018-04-22.
  19. Tclers Wiki - NaCl for Tcl. Retrieved 2018-05-01. Archived from the original on 2017-12-09.
  20. NSS 3.28 release notes. Retrieved 25 July 2017. Archived from the original on 2017-12-09.
  21. Monocypher Manual. Retrieved 2017-08-03. Archived from the original on 2017-10-19.
  22. Straub, Andreas. OMEMO Encryption. conversations.im. 25 October 2015. Retrieved 2018-05-01. Archived from the original on 2017-03-13.
  23. Cryptocat - Security. crypto.cat. Retrieved 2016-05-24. Archived from the original on 2016-04-07.
  24. Frank Denis. DNSCrypt version 2 protocol specification. Retrieved 2016-03-03. Archived from the original on 2015-08-13.
  25. Matt Johnston. Dropbear SSH - Changes. Retrieved 2016-02-25. Archived from the original on 2018-03-23.
  26. Bahtiar Gadimov; et al. Gajim plugin for OMEMO Multi-End Message and Object Encryption. Retrieved 2016-10-01. Archived from the original on 2017-12-17.
  27. GNUnet 0.10.0. gnunet.org. Retrieved 11 December 2014. Archived from the original on 2017-12-09.
  28. zzz. 0.9.15 Release - Blog. 2014-09-20. Retrieved 20 December 2014. Archived from the original on 2017-06-28.
  29. Archived copy. Retrieved 2018-12-05. Archived from the original on 2019-02-15.
  30. iOS Security Guide (PDF). Retrieved 2018-05-01. Archived from the original (PDF) on 2018-04-13.
  31. MRL-0003 - Monero is Not That Mysterious (PDF). getmonero.com. Retrieved 2018-12-05. Archived from the original (PDF) on 2019-05-01.
  32. Murenin, Constantine A. OpenBSD Moving Towards Signed Packages — Based On D. J. Bernstein Crypto. Soulskill (ed.). Slashdot. 2014-01-19. Retrieved 2014-12-27. Archived from the original on 2016-03-04.
  33. Murenin, Constantine A. OpenBSD 5.5 Released. timothy (ed.). Slashdot. 2014-05-01. Retrieved 2014-12-27. Archived from the original on 2017-05-05.
  34. Friedl, Markus. ssh/kex.c#kexalgs. BSD Cross Reference, OpenBSD src/usr.bin/. 2014-04-29. Retrieved 2014-12-27. Archived from the original on 2017-12-09.
  35. Murenin, Constantine A. OpenSSH No Longer Has To Depend On OpenSSL. Soulskill (ed.). Slashdot. 2014-04-30. Retrieved 2014-12-26. Archived from the original on 2016-06-24.
  36. How does Peerio implement end-to-end encryption?. Peerio. Retrieved 2018-05-01. Archived from the original on 2017-12-09.
  37. PuTTY Change Log. www.chiark.greenend.org.uk. Retrieved 2018-05-01. Archived from the original on 2018-02-02.
  38. Threema Cryptography Whitepaper (PDF). Retrieved 2018-05-01. Archived from the original (PDF) on 2017-09-21.
  39. Roger Dingledine & Nick Mathewson. Tor's Protocol Specifications - Blog. Retrieved 20 December 2014. Archived from the original on 2018-11-15.
  40. Viber Encryption Overview. Viber. 3 May 2016. Retrieved 24 September 2016. Archived from the original on 2016-10-24.

External links