ECDSA versus EdDSA

Signing Over The Curves

Due to shorter key lengths for the same level of security, ECC gives better performance compared to RSA. However, they do come with certain limitations.

The common disadvantage of ECC is that it increases the size of the encrypted message significantly more than RSA encryption.

The common ECC signatures include EcDSA and EdDSA. Both have the value of n which is the order of the curve and it relates to the total number of points that are possible.

Caveats Of ECC

1. Most implementations require a secure RNG - if the RNG is insecure then the private key parameter can be calculated. (Note: There are ways to do with RNG, see RFC 6979)
2. ECDSA requires a secure hash function. However, as signatures are much smaller than e.g. RSA, the hash collision comes into question which can compromise the signature.
3. ECC doesn't provide a direct method of encryption, instead EC-IES is commonly used. This means that a key pair generation has to be performed and that the public key must be sent along with the ciphertext. 
4. ECC is more efficient than RSA for signature generation and decryption, but it's still slower than symmetric algorithms.
5. ECC requires some agreement on…