New key type (ed25519) and private key format

Sat Dec 7 23:15:02 EST 2013

Damien Miller <djm at mindrot.org> wrote:

> Markus has just committed a few changes that add support for the Ed25519
> signature algorithm[1] as a new private key type. This algorithm has a
> few benefits: it is fast (comparable to ECDSA and RSA), offers 256-bit
> security and doesn't require random numbers to generate a signature.

Actually DJB et al.'s paper claims 128-bit security.

Looking at myproposal.h, I see that the new algorithm is called
"ssh-ed25519" without "@openssh.com".  Is that intentional or an
oversight?

-- 
Christian "naddy" Weisgerber                          naddy at mips.inka.de