diff --git a/CHANGES.md b/CHANGES.md
index 1e1dd6b46..5efe967b9 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -25,6 +25,7 @@
## Behavioral changes and enhancements
+* [SSHD-704](https://issues.apache.org/jira/browse/SSHD-704) Add support for RFC 8731 (curve25519 and curve448 key exchange algorithms)
* [SSHD-1017](https://issues.apache.org/jira/browse/SSHD-1017) Add support for the chacha20-poly1305@openssh.com cipher
* [SSHD-1161](https://issues.apache.org/jira/browse/SSHD-1161) Support OpenSSH client certificates for publickey authentication
* [SSHD-1163](https://issues.apache.org/jira/browse/SSHD-1163) Wrong server key signature algorithm chosen in DH group key exchange
diff --git a/README.md b/README.md
index 6c1ff8240..2a3a1c076 100644
--- a/README.md
+++ b/README.md
@@ -34,6 +34,7 @@ based applications requiring SSH support.
* **Note:** - the server side supports these signatures by default. The client side requires specific
initialization - see [section 3.3](https://tools.ietf.org/html/rfc8332#section-3.3) and also the
above mentioned hooks for [RFC 8308](https://tools.ietf.org/html/rfc8308).
+* [RFC 8731 - Secure Shell (SSH) Key Exchange Method Using Curve25519 and Curve448](https://tools.ietf.org/html/rfc8731)
* [Key Exchange (KEX) Method Updates and Recommendations for Secure Shell](https://tools.ietf.org/html/draft-ietf-curdle-ssh-kex-sha2-03)
* [OpenSSH support for U2F/FIDO security keys](https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.u2f)
* **Note:** the server side supports these keys by default. The client side requires specific initialization
@@ -63,7 +64,8 @@ aes128-gcm@openssh.com, aes256-gcm@openssh.com, chacha20-poly1305@openssh.com
, hmac-sha2-512-etm@openssh.com, hmac-sha1-etm@openssh.com
* **Key exchange**: diffie-hellman-group1-sha1, diffie-hellman-group-exchange-sha256, diffie-hellman-group14-sha1, diffie-hellman-group14-sha256
, diffie-hellman-group15-sha512, diffie-hellman-group16-sha512, diffie-hellman-group17-sha512, diffie-hellman-group18-sha512
-, ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521
+, ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, curve25519-sha256, curve25519-sha256@libssh.org, curve448-sha512
+ * On Java versions before Java 11, [Bouncy Castle](./docs/dependencies.md#bouncy-castle) is required for curve25519-sha256, curve25519-sha256@libssh.org, or curve448-sha512.
* **Compressions**: none, zlib, zlib@openssh.com
* **Signatures/Keys**: ssh-dss, ssh-rsa, rsa-sha2-256, rsa-sha2-512, nistp256, nistp384, nistp521
, ssh-ed25519 (requires `eddsa` optional module), sk-ecdsa-sha2-nistp256@openssh.com, sk-ssh-ed25519@openssh.com
diff --git a/docs/dependencies.md b/docs/dependencies.md
index 85a43c544..39aa4f5e5 100644
--- a/docs/dependencies.md
+++ b/docs/dependencies.md
@@ -32,6 +32,11 @@ or via `SecurityUtils#setKeyPairResourceParser` for **global** usage - even with
org.bouncycastle
bcpkix-jdk15on
+
+
+ org.bouncycastle
+ bcprov-jdk15on
+
```
@@ -96,7 +101,7 @@ order to be included in the classpath:
```xml
-
+
net.i2p.crypto
eddsa