The first public public key memorandum of understanding  that meets the above criteria was the Diffie-Hellman key exchange, in which two parties jointly exposed a generator to random numbers, so that an earpiece cannot easily determine what the resulting value is used to create a common key. Key mous that is verified by the password requires the separate implementation of a password (which may be smaller than a key) in a way that is both private and integrity. These are designed to withstand man-in-the-middle and other active attacks on the password and established keys. For example, DH-EKE, SPEKE and SRP are Diffie-Hellman password authentication variants. The exponential key exchange itself does not indicate prior agreement or subsequent authentication between participants. It has therefore been described as an anonymous key memorandum of understanding. So if you want to create signatures with the Curve25519 curve, you have to calculate the coordinate $y. There are many ways to do this, one of which is to leave the curve as it is (in the shape of “Montgomery”) and to calculate its coordinates $y. Another way is to transform the curve into a new shape (the “twisted shape of Edwards”) and make there the arithmetic. This new curve is called Ed25519 and is “birational equivalent” of the old curve. There are other flavors. Technically, each elliptical curve can support both the signature and the key chord. However, curve25519 is intended for $x-only arithmetic, as described in the original document.
This means that you never calculate the coordinates $y. The problem is that you need the coordinate $y to verify the signature in the standard algorithms (ECDSA, EdDSA). A large number of cryptographic authentication schemes and protocols have been designed to provide authenticated key agreements to prevent man-in-the-middle and related attacks. These methods generally link the mathematically agreed key to other agreed data, such as.B. the following: Here too, the choice you make will be on efficiency and safety. Not because one curve can be used for signatures, while the other can`t. I guess the calculation of coordinates $y on Curve25519 is slow enough for people to prefer Ed25519. I`m trying to create a protocol to send encrypted and authenticated messages. To do this, I will sign the message with a two-key signature with the sender`s signature key and the recipient`s encryption key. Many key exchange systems have a part that generates the key and simply sends that key to the other party — the other party has no influence on the key. The use of a key MEMORANDUM of understanding avoids some of the major distribution problems associated with these systems. I need some instructions on elliptical curves that support the signature and key chord.