Much of the foundation of your online security comes down to a basic thing: elliptic curves. It is these magical little curves that allow your browser and the server to talk openly and then agree on an encryption key. This key then stops people spying on you, and makes sure that no one hi-jacks your connection. to me, they are beautiful.

With the ECDH (Elliptic Curve Diffie Hellman) handshake method, we have an almost perfect way to generate a shared key between Bob and Alice, without Eve ever finding it out. So what curve can we use? Well, Curve 25519, is one of the best elliptic curves around (and free from backdoors, he hope). It uses the Montgomery curve form of:

And where we take a base point (**G**), and then create a private key (**n**), and then determine our public key (**nG**). With this, nG is the point G added n times (G+G+…G). Overall, Curve 25519 was created by **Daniel J Bernstein**, and who has contributed so much to cybersecurity. The form he chose was:

and where p=2²⁵⁵-19. It gives 128-bit security levels, and which is currently strong enough in most applications.

## Finding the base point (G)

The way elliptic curve cryptography works is that we take a private key value (n), and then compute a public key point (nG), and where G is the base point on the curve. If n is large enough and random, it will be almost impossible to determine the private key (n) from the public key (nG).

For Ed25519, let’s determine the base point of the curve from [here]:

import nacl.bindings as b

import binascii

import sys

p = 2**255 - 19def inv(x):

return pow(x, p-2, p)d = -121665 * inv(121666)

I = pow(2,(p-1)//4,p)

def findx(y):

xx = (y*y-1) * inv(d*y*y+1)

x = pow(xx,(p+3)//8,p)

if (x*x - xx) % p != 0: x = (x*I) % p

if x % 2 != 0: x = p-x

return xdef convert_to_little_int(val):

little_hex = bytearray.fromhex(val)

little_hex.reverse()

little = ''.join(format(x, '02x') for x in little_hex)

return little

i=1n = binascii.a2b_hex("0100000000000000000000000000000000000000000000000000000000000000")