EdDSA (Edwards-curve Digital Signature Algorithm)

EdDSA (Edwards-curve Digital Signature Algorithm) is a modern signature scheme using twisted Edwards curves. It offers high performance, strong security, and resistance to implementation pitfalls that affect ECDSA.

Variants

• Ed25519: Most common, uses Curve25519, 128-bit security
• Ed448: Uses Curve448, 224-bit security

Advantages over ECDSA

// Deterministic signatures
// No random nonce needed - derived from message + private key
// Eliminates nonce reuse vulnerability that broke PS3

// Constant-time operations
// Designed to resist timing attacks

// Simpler implementation
// Fewer ways to make security mistakes

JWT Usage

// JWT algorithm
EdDSA: Can use Ed25519 or Ed448

// Example JWT header
{
  "alg": "EdDSA",
  "typ": "JWT",
  "crv": "Ed25519"
}

Performance

// Ed25519 is very fast:
// - Signing: ~15,000 signatures/second
// - Verification: ~7,000 verifications/second
// (On modern hardware)

Adoption

• SSH keys (ssh-ed25519)
• TLS 1.3
• Signal Protocol
• Tor
• Many cryptocurrencies

Security Considerations

• Still requires secure random for key generation
• Not post-quantum secure
• Ensure using legitimate curve implementation

See Also

• ECDSA
• RSA Cryptography
• JSON Web Token (JWT)