
Curve448

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by ArnoldReinhold (talk | contribs) at 11:58, 23 February 2018 (add NIST ref). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

In cryptography, Curve448 or Curve448-Goldilocks is an elliptic curve potentially offering 224 bits of security and designed for use with the elliptic curve Diffie–Hellman (ECDH) key agreement scheme. Developed by Mike Hamburg of Rambus Cryptography Research, Curve448 allows fast performance compared with other proposed curves with comparable security.[1] The reference implementation is available under an MIT license.[2] The curve is favored by the Internet Research Task Force Crypto Forum Research Group (IRTF CFRG) for inclusion in future TLS standards along with Curve25519. In 2017, NIST announced that Curve25519 and Curve448 would be added to Special Publication 800-186, which specifies approved elliptic curves for use by the US Federal Government.[3] Both are described in RFC 7748.

Mathematical properties

Hamburg chose the Solinas trinomial prime $p = 2^{448} - 2^{224} - 1$, calling it a “Goldilocks” prime “because its form defines the golden ratio $\phi \equiv 2^{224}$.” The main advantage of a golden-ratio prime is fast Karatsuba multiplication.
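The following added example (not part of the article or of Hamburg's reference implementation) shows why the golden-ratio form helps: with φ = 2^224 and p = 2^448 − 2^224 − 1, φ² ≡ φ + 1 (mod p), so a product of two elements written as a0 + a1·φ needs only three half-size multiplications, and reduction is shifts and additions. The function names are illustrative, and Python integers are used for clarity, so this is not a constant-time implementation.

```python
# Added example: Karatsuba multiplication modulo the Goldilocks prime.
PHI = 1 << 224                  # phi = 2^224, the "golden ratio" of the field
P = PHI * PHI - PHI - 1         # p = 2^448 - 2^224 - 1, hence phi^2 = phi + 1 (mod p)
MASK224 = PHI - 1
MASK448 = (1 << 448) - 1


def reduce_goldilocks(x: int) -> int:
    """Reduce a non-negative integer mod p using only shifts, masks and adds."""
    while x >> 448:
        high, low = x >> 448, x & MASK448
        # 2^448 = phi^2 = phi + 1 (mod p): fold the high part back in twice.
        x = low + (high << 224) + high
    # Now x < 2^448 < 2p, so one conditional subtraction finishes the job.
    return x - P if x >= P else x


def mul_goldilocks(a: int, b: int) -> int:
    """Multiply two field elements (0 <= a, b < p) with three half-size products."""
    a0, a1 = a & MASK224, a >> 224      # a = a0 + a1*phi
    b0, b1 = b & MASK224, b >> 224      # b = b0 + b1*phi
    m0 = a0 * b0
    m1 = a1 * b1
    m2 = (a0 + a1) * (b0 + b1)          # the single Karatsuba cross product
    # a*b = m0 + (a0*b1 + a1*b0)*phi + m1*phi^2, and phi^2 = phi + 1, so:
    low = m0 + m1                       # coefficient of phi^0
    high = m2 - m0                      # a0*b1 + a1*b0 + a1*b1, coefficient of phi^1
    return reduce_goldilocks(low + (high << 224))


if __name__ == "__main__":
    # Constructed sample values, compared against plain modular multiplication.
    a, b = pow(3, 1000, P), pow(5, 2000, P)
    print(mul_goldilocks(a, b) == (a * b) % P)
```

An ordinary Karatsuba step would leave a separate φ² term to reduce afterwards; here the same three products already give the two reduced coefficients.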

The curve Hamburg used is an untwisted Edwards curve $E_d : y^2 + x^2 = 1 + d x^2 y^2$, specifically $y^2 + x^2 = 1 - 39081 x^2 y^2$. The constant $d = -39081$ was chosen as the value with the smallest absolute value that had the required mathematical properties, making it a nothing-up-my-sleeve number.

Curve448 is constructed such that it avoids many potential implementation pitfalls.[4]

References

  1. ^ Ed448-Goldilocks, a new elliptic curve, Mike Hamburg, 2015
  2. ^ http://sourceforge.net/p/ed448goldilocks/code/ci/decaf/tree/
  3. ^ "Transition Plans for Key Establishment Schemes".
  4. ^ "SafeCurves: Introduction". safecurves.cr.yp.to. Retrieved 2018-02-23.