diff --git a/crypto/ecdsa.go b/crypto/ecdsa.go
index 58e5d5f5ab21d20c8ebc97e266efa4175ba5527b..c069d0cb521d372b97e0056f128feede97444e4d 100644
--- a/crypto/ecdsa.go
+++ b/crypto/ecdsa.go
@@ -115,7 +115,7 @@ func (ePriv *ECDSAPrivateKey) Raw() ([]byte, error) {
 	return x509.MarshalECPrivateKey(ePriv.priv)
 }
 
-// Equals compares to private keys
+// Equals compares two private keys
 func (ePriv *ECDSAPrivateKey) Equals(o Key) bool {
 	oPriv, ok := o.(*ECDSAPrivateKey)
 	if !ok {
diff --git a/crypto/ed25519.go b/crypto/ed25519.go
index b6e553147deaa255c66a9ec3179d434df4c35824..e8834d48188658d54156cc491777ce0411a4b2dd 100644
--- a/crypto/ed25519.go
+++ b/crypto/ed25519.go
@@ -2,6 +2,7 @@ package crypto
 
 import (
 	"bytes"
+	"crypto/subtle"
 	"errors"
 	"fmt"
 	"io"
@@ -70,7 +71,7 @@ func (k *Ed25519PrivateKey) Equals(o Key) bool {
 		return false
 	}
 
-	return bytes.Equal(k.k, edk.k)
+	return subtle.ConstantTimeCompare(k.k, edk.k) == 1
 }
 
 // GetPublic returns an ed25519 public key from a private key.
diff --git a/crypto/key.go b/crypto/key.go
index 3bec907418435204b2fa2da79379f140220e2bef..f021a0e9e70492f1ac5a648642f0702b658660db 100644
--- a/crypto/key.go
+++ b/crypto/key.go
@@ -4,12 +4,12 @@
 package crypto
 
 import (
-	"bytes"
 	"crypto/elliptic"
 	"crypto/hmac"
 	"crypto/rand"
 	"crypto/sha1"
 	"crypto/sha512"
+	"crypto/subtle"
 	"encoding/base64"
 	"errors"
 	"fmt"
@@ -364,5 +364,5 @@ func KeyEqual(k1, k2 Key) bool {
 
 	b1, err1 := k1.Bytes()
 	b2, err2 := k2.Bytes()
-	return bytes.Equal(b1, b2) && err1 == err2
+	return subtle.ConstantTimeCompare(b1, b2) == 1 && err1 == err2
 }