Paragon Initiative Enterprises Blog

The latest information from the team that develops cryptographically secure PHP software.

Ristretto255 for the PHP Community

Ristretto logo

Ristretto is a technique for constructing prime order elliptic curve groups with non-malleable encodings. It extends Mike Hamburg's Decaf approach to cofactor elimination to support cofactor-8 curves such as Curve25519.

Ristretto255 is Ristretto defined over Curve25519, which allows cryptographers to extend the Ed25519 signature scheme to support complex zero-knowledge proof protocols without having to deal with the cofactor.

(The cofactor in Ed25519 is what caused the multi-spend vulnerability in CryptoNote cryptocurrencies (n.b. Monero).)

Sounds Complicated And Hard to Use, Right?

Cryptographer and Go Security team lead, Filippo Valsorda, once implemented the modern password-authenticated key exchange protocol, CPace, in only 125 lines of Go and said "it felt like cheating".

Why Are We Talking About This Today?

Libsodium added support for Ristretto255 in version 1.0.18 (released in May 2019). Support for Ristretto255 will be landing in PHP 8.1 and PECL libsodium 2.0.25.

However, if you're in a hurry to experiment with these new features, we just released sodium_compat version 1.16.0 which contains a pure-PHP implementation of these features.

As always: If the canon implementation of a libsodium algorithm is available, sodium_compat defers to the actual function. This lives up to the 0th Rule of PHP Cryptography.


Special thanks to Tony Arcieri, Frank Denis, Isis Lovecruft, Mike Hamburg, and Henry de Valence for making this release possible.

About the Author

P.I.E. Staff

Paragon Initiative Enterprises

Paragon Initiative Enterprises is a Florida-based company that provides software consulting, application development, code auditing, and security engineering services. We specialize in PHP Security and applied cryptography.


Need Technology Consultants?

Will tomorrow bring costly and embarrassing data breaches? Or will it bring growth, success, and peace of mind?

Our team of technology consultants have extensive knowledge and experience with application security and web/application development.

We specialize in cryptography and secure PHP development.

Let's Work Together Towards Success

Our Security Newsletters

Want the latest from Paragon Initiative Enterprises delivered straight to your inbox? We have two newsletters to choose from.

The first mails quarterly and often showcases our behind-the-scenes projects.

The other is unscheduled and gives you a direct feed into the findings of our open source security research initiatives.

Quarterly Newsletter   Security Announcements