Security Glossary

EdDSA (Edwards-curve Digital Signature Algorithm)

A modern digital signature scheme using Edwards curves, designed for high performance and resistance to implementation vulnerabilities.

EdDSA (Edwards-curve Digital Signature Algorithm) is a modern signature scheme using twisted Edwards curves. It offers high performance, strong security, and resistance to implementation pitfalls that affect ECDSA.

Variants

  • Ed25519: Most common, uses Curve25519, 128-bit security
  • Ed448: Uses Curve448, 224-bit security

Advantages over ECDSA

// Deterministic signatures
// No random nonce needed - derived from message + private key
// Eliminates nonce reuse vulnerability that broke PS3

// Constant-time operations
// Designed to resist timing attacks

// Simpler implementation
// Fewer ways to make security mistakes

JWT Usage

// JWT algorithm
EdDSA: Can use Ed25519 or Ed448

// Example JWT header
// "alg": "EdDSA" alone identifies the algorithm.
// "crv" is a JWK member, not a JOSE header parameter.
{
  "alg": "EdDSA",
  "typ": "JWT"
}

Performance

// Ed25519 is very fast:
// - Signing and verification both run at
//   tens of thousands of operations per second
//   on commodity hardware.

Adoption

  • SSH keys (ssh-ed25519)
  • TLS 1.3
  • Signal Protocol
  • Tor
  • Many cryptocurrencies

Security Considerations

  • Still requires secure random for key generation
  • Not post-quantum secure
  • Ensure using legitimate curve implementation

See Also