[tahoe-dev] Down with ECDSA

Wei Dai weidai at weidai.com
Mon Aug 24 12:55:24 PDT 2009


Note that specific hand-picked curves can be much faster than random curves 
(like the Brainpool ones). Crypto++'s general elliptic curve code isn't 
terribly efficient, which makes this worse.

According to Tanja Lange's earlier post, NACL will have digitial signatures, 
presumably on a fast curve, and I plan to implement it too in Crypto++ after 
they release the code or specification. So if speed is a big concern, you 
might want to either wait for that, or plan an upgrade path. It should be 
around 5-10 times faster than the current ECDSA implementation in Crypto++ 
with Brainpool curve. 



More information about the tahoe-dev mailing list