You’ve Heard of X25519, But What’s So Special About X448?

2⁴⁴⁸-2²²⁴-1
Photo by Markus Spiske on Unsplash

You’ve Heard of X25519, But What’s So Special About X448?

2⁴⁴⁸-2²²⁴-1

Elliptic curve methods are now used extensively in cybersecurity, and your connection to this web page probably uses elliptic curve methods for its key exchange. Normally for a secure connection, we will use something like AES for the main encryption, and where the key is negotiated with ECDH (Elliptic Curve Diffie Hellman).

So you may have heard about Curve 25519 (created by the mighty Dan Bernstein [here]), as it’s used in many applications, including with Tor, and OpenSSL. Overall, it uses a finite field defined with a prime number of:

2²⁵⁵-19

All this means is that all of the operations are done (mod 2²⁵⁵-19). With Curve 25519 we use a key exchange method of X25519 (and which basically just uses one of the co-ordinates of the elliptic curve). Here is my implementation of X25519 [demo]:

And so while X25519 gives around 128-bit security, we can improve on this with Curve 448, and which implements around 224-bit security, and uses a prime number of:

2⁴⁴⁸-2²²⁴-1

This considerably improves the security of the key exchange method, and should be used in applications that need a much higher security level than X25519. The coding for this in Python is [demo]:

The coding for these is based RFC 7748 [here]. So here are two demos:

Tor key creation - Curve25519
Back] The Tor routing network uses relay node to secure traffic. Each node has their own encryption key and is…asecuritysite.com
X448 (Curve 448)
Back] X448 is based on Curve 448, and is used for key exchange with ECDH (Elliptic Curve Diffie Hellman). It supports a…asecuritysite.com