Image for post
Image for post
Photo by Markus Spiske on Unsplash

You’ve Heard of X25519, But What’s So Special About X448?

2⁴⁴⁸-2²²⁴-1

Prof Bill Buchanan OBE
Apr 7 · 2 min read

Elliptic curve methods are now used extensively in cybersecurity, and your connection to this web page probably uses elliptic curve methods for its key exchange. Normally for a secure connection, we will use something like AES for the main encryption, and where the key is negotiated with ECDH (Elliptic Curve Diffie Hellman).

So you may have heard about Curve 25519 (created by the mighty Dan Bernstein [here]), as it’s used in many applications, including with Tor, and OpenSSL. Overall, it uses a finite field defined with a prime number of:

2²⁵⁵-19

All this means is that all of the operations are done (mod 2²⁵⁵-19). With Curve 25519 we use a key exchange method of X25519 (and which basically just uses one of the co-ordinates of the elliptic curve). Here is my implementation of X25519 [demo]:

And so while X25519 gives around 128-bit security, we can improve on this with Curve 448, and which implements around 224-bit security, and uses a prime number of:

2⁴⁴⁸-2²²⁴-1

This considerably improves the security of the key exchange method, and should be used in applications that need a much higher security level than X25519. The coding for this in Python is [demo]:

The coding for these is based RFC 7748 [here]. So here are two demos:

ASecuritySite: When Bob Met Alice

This publication brings together interesting articles…

Prof Bill Buchanan OBE

Written by

Professor of Cryptography. Serial innovator. Believer in fairness, justice & freedom. EU Citizen. Auld Reekie native. Old World Breaker. New World Creator.

ASecuritySite: When Bob Met Alice

This publication brings together interesting articles related to cyber security.

Prof Bill Buchanan OBE

Written by

Professor of Cryptography. Serial innovator. Believer in fairness, justice & freedom. EU Citizen. Auld Reekie native. Old World Breaker. New World Creator.

ASecuritySite: When Bob Met Alice

This publication brings together interesting articles related to cyber security.

Medium is an open platform where 170 million readers come to find insightful and dynamic thinking. Here, expert and undiscovered voices alike dive into the heart of any topic and bring new ideas to the surface. Learn more

Follow the writers, publications, and topics that matter to you, and you’ll see them on your homepage and in your inbox. Explore

If you have a story to tell, knowledge to share, or a perspective to offer — welcome home. It’s easy and free to post your thinking on any topic. Write on Medium

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store