While Curve 25519 gives us 128-bit security, Curve 448 (or Curve448-Goldilocks) offers 224 bits of security. The prime number used is \(p = 2^{448} − 2^{224} − 1\), and which is defined as the Goldilocks prime is uses the golden ratio \(\phi ≡ 2^{224}\). The curve used is an untwisted Edwards curve: \(y^2 + x^2 = 1 − 39081x^2y^2\) [here]. In this case we will perform a key exchange using X448 [X448 Python].
ECDH with Curve X448 using Go |
ECDH and Curve X448
Curve 25519, as used with Tor, OpenSSH and many other applications, uses a Montgomery curve of \(y^2 = x^3 + 486662 x^2 + x\) [here] and a prime number of \(p = 2^{255} − 19\):
With ECDH, we refer to the curve as X25519. So while Curve 25519 gives us 128-bit security, Curve 448 (or Curve448-Goldilocks) offers 224 bits of security. The prime number used is \(p = 2^{448} − 2^{224} − 1\), and which is defined as the Goldilocks prime as it uses the golden ratio \(\phi ≡ 2^{224}\). The curve used is an untwisted Edwards curve: \(y^2 + x^2 = 1 − 39081x^2y^2\) [here]:
Coding
So here is a basic Go program to implement:
package main import ( "crypto/rand" "fmt" "io" "github.com/cloudflare/circl/dh/x448" ) func main() { var AliceSecret, BobSecret, AlicePublic, BobPublic, AliceShared, BobShared x448.Key _, _ = io.ReadFull(rand.Reader, AliceSecret[:]) x448.KeyGen(&AlicePublic, &AliceSecret) _, _ = io.ReadFull(rand.Reader, BobSecret[:]) x448.KeyGen(&BobPublic, &BobSecret) _ = x448.Shared(&AliceShared, &AliceSecret, &BobPublic) _ = x448.Shared(&BobShared, &BobSecret, &AlicePublic) fmt.Printf("Alice Secret %x\nAlice Public %x\n\n",AliceSecret,AlicePublic) fmt.Printf("Bob Secret %x\nBob Public %x\n\n",BobSecret,BobPublic) fmt.Printf("\nBob Shared %x\n\nAlice Shared %x",AliceShared,BobShared) }
A sample run is:
Alice Secret 74048772585ada2234dec2a64392481b15f1bd4bbc8ac104d4b78b11e12373727f2a4fc0f8d2a0e4284fd251ee4f09720c821eb7b42070f8 Alice Public da5367818e162e97816073a6b154627aebb7d7882799c4444e21b679060cb8079ee921dccb12513743e2bc929eb41b28e2bea1266c87abf4 Bob Secret 1c8a1259f95ca33a7560e0b59f84f543411a2625e92aace4fb3aaa2f2ed02ebb3284660cdde1a11913147d834f3a22100d25ddad6bb3c83c Bob Public ec68e505b59554a4732670730edfb700f0737ca6c811d0a6676c5d378c1e91a8fc777f2999f8d17938c07a5e691a504282f31a9d00ba0bb7 Bob Shared 91bc39930f8691fd517f875eceb3c5cf16b461bd7f3f2149c4a8060926ff0292ebe072d8cfe1c7166315f8a21b02d17996e6bcabdda42796 Alice Shared 91bc39930f8691fd517f875eceb3c5cf16b461bd7f3f2149c4a8060926ff0292ebe072d8cfe1c7166315f8a21b02d17996e6bcabdda42796