This pages organises information about EdDSA and related topics that can be useful for implementors. It is meant as a helpful reference for maintainers.
Curves and Crypto Primitives
- [ed25519]: "High-speed high-security signatures", Bernstein & al., 2011 - the original paper
- [eddsa]: "EdDSA for more curves", Bernstein & al., 2015 - follow-up
- [rfc7748]: "Elliptic Curves for Security", IRTF, 2016
- [rfc8032]: "Edwards-Curve Digital Signature Algorithm (EdDSA)", IRTF, 2017
- [efd]: "Explicit-Formulas Database", Bernstein, Lange & al.
- [safecurves]: "SafeCurves: choosing safe curves for elliptic-curve cryptography", Bernstein & Lange.
Uses in X.509 and related formats
- [rfc8410]: "Algorithm Identifiers for Ed25519, Ed448, X25519, and X448 for Use in the Internet X.509 Public Key Infrastructure", IETF, 2018 (formerly draft-ietf-curdle-pkix, draft-ietf-curdle-pkix-newcurves, draft-ietf-curdle-pkix-eddsa)
- [cab169]: "Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates" v1.6.9, March 2020-- does not list EdDSA as an algorithm (yet)
- [eddsa-pki-ossl]: "Guide for building an EDDSA pki" (with OpenSSL), 2020
- [rfc8419]: "Use of EdDSA Signatures in the Cryptographic Message Syntax (CMS)", IETF, 2018.
Uses in TLS
- [rfc8422]: "ECC Cipher Suites for TLS Versions 1.2 and Earlier", IETF, 2018
- [rfc8446]: "The Transport Layer Security (TLS) Protocol Version 1.3", IETF, 2018