Keys

Elliptic Curve

Following Postel's Law, Fission accepts many key signing schemes, but only generates keys on Curve 25519, with signatures on the Edwards Curve.

We have chosen Edwards 25519 for a multitude of reasons, not least of which being reasonable performance and quantum-resistant security.

[...] concretely Curve25519 works with keys consisting of about 256 bits, while an equivalent RSA instantiation would need key sizes of 3072 bits long. Source

Elliptic curve cryptography is by no means "perfect security", and can be defeated if the verifier does not verify that the public key actually falls on the correct curve. As such, please verify that the signature that comes in a payload is indeed on Curve 25519.