[Cryptech Tech] Ed25519 use case

Wouter Kuhnen w.j.a.kuhnen at student.ru.nl
Wed Aug 23 10:44:01 UTC 2017


Hello all,

For Ed25519; what is the general use case for signing? I am working on an
implementation and wondering if it's useful to (only) sign messages of constant
length (i.e hashes of messages).

I have two reasons to favor constant-length messages:
    - Simplicity: less things can go wrong with SHA-512 (input padding mostly).
    - Storage constraints: Long messages will need to be send twice to the FPGA.

The downside is that any collision in the hash function used on the signers side
will lead to identical signatures.

- Wouter



More information about the Tech mailing list