@inproceedings{brendel_provable_2021, address = {San Francisco, CA, USA}, title = {The {Provable} {Security} of {Ed25519}: {Theory} and {Practice}}, isbn = {978-1-72818-934-5}, shorttitle = {The {Provable} {Security} of {Ed25519}}, url = {https://ieeexplore.ieee.org/document/9519456/}, doi = {10.1109/SP40001.2021.00042}, abstract = {A standard requirement for a signature scheme is that it is existentially unforgeable under chosen message attacks (EUF-CMA), alongside other properties of interest such as strong unforgeability (SUF-CMA), and resilience against key substitution attacks.}, language = {en}, urldate = {2023-02-16}, booktitle = {2021 {IEEE} {Symposium} on {Security} and {Privacy} ({SP})}, publisher = {IEEE}, author = {Brendel, Jacqueline and Cremers, Cas and Jackson, Dennis and Zhao, Mang}, month = may, year = {2021}, pages = {1659--1676}, file = {Brendel et al. - 2021 - The Provable Security of Ed25519 Theory and Pract.pdf:/home/rixxc/Zotero/storage/6I9NJFIX/Brendel et al. - 2021 - The Provable Security of Ed25519 Theory and Pract.pdf:application/pdf}, } @techreport{moody_digital_2023, address = {Gaithersburg, MD}, title = {Digital {Signature} {Standard} ({DSS})}, url = {https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-5.pdf}, language = {en}, number = {NIST FIPS 186-5}, urldate = {2023-02-16}, institution = {National Institute of Standards and Technology}, author = {Moody, Dustin}, year = {2023}, doi = {10.6028/NIST.FIPS.186-5}, pages = {NIST FIPS 186--5}, file = {Moody - 2023 - Digital Signature Standard (DSS).pdf:/home/rixxc/Zotero/storage/5947EJ57/Moody - 2023 - Digital Signature Standard (DSS).pdf:application/pdf}, } @article{bernstein_high-speed_nodate, title = {High-speed high-security signatures}, abstract = {This paper shows that a \$390 mass-market quad-core 2.4GHz Intel Westmere (Xeon E5620) CPU can create 108000 signatures per second and verify 71000 signatures per second on an elliptic curve at a 2128 security level. Public keys are 32 bytes, and signatures are 64 bytes. These performance figures include strong defenses against software sidechannel attacks: there is no data flow from secret keys to array indices, and there is no data flow from secret keys to branch conditions.}, language = {en}, author = {Bernstein, Daniel J and Duif, Niels and Lange, Tanja and Schwabe, Peter and Yang, Bo-Yin}, file = {Bernstein et al. - High-speed high-security signatures.pdf:/home/rixxc/Zotero/storage/2JAYEHFU/Bernstein et al. - High-speed high-security signatures.pdf:application/pdf}, } @article{bernstein_eddsa_nodate, title = {{EdDSA} for more curves}, author = {Bernstein, Daniel J. and Josefsson, Simon and Lange, Tanja and Schwabe, Peter and Yang, Bo-Yin}, file = {eddsa-20150704.pdf:/home/rixxc/Zotero/storage/JK693Q38/eddsa-20150704.pdf:application/pdf}, } @techreport{josefsson_edwards-curve_2017, type = {Request for {Comments}}, title = {Edwards-{Curve} {Digital} {Signature} {Algorithm} ({EdDSA})}, url = {https://datatracker.ietf.org/doc/rfc8032}, abstract = {This document describes elliptic curve signature scheme Edwards-curve Digital Signature Algorithm (EdDSA). The algorithm is instantiated with recommended parameters for the edwards25519 and edwards448 curves. An example implementation and test vectors are provided.}, number = {RFC 8032}, urldate = {2023-02-22}, institution = {Internet Engineering Task Force}, author = {Josefsson, Simon and Liusvaara, Ilari}, month = jan, year = {2017}, doi = {10.17487/RFC8032}, note = {Num Pages: 60}, file = {Full Text PDF:/home/rixxc/Zotero/storage/U24MZYBY/Josefsson and Liusvaara - 2017 - Edwards-Curve Digital Signature Algorithm (EdDSA).pdf:application/pdf}, }