ECC and smartcards

NIIBE Yutaka gniibe at fsij.org
Fri Feb 15 08:03:45 CET 2013


It was more than a year ago, there is a thread on ECC support
of OpenPGP card...

On 2012-01-11 at 09:51 +0900, NIIBE Yutaka wrote:
> On 2012-01-03 at 11:28 +0000, Benjamin Donnachie wrote:
> > Are there any plans to include ECC support within the OpenPGP
> > Smartcard specification?
> > 
> > 
> > If not, would a proposal be welcome?
> 
> I'd like to see your proposal.  If it will include specification for
> NIST Curve P256, it will be soon implemented in Gnuk, as it has a
> branch which has ECDSA/ECDH computation for the curve.

I think that it's good if GnuPG 2.1 comes with the ECDSA/ECDH support
for smartcard.

Besides, I'm considering adding ECC feature to development branch of
Gnuk, too.  (I only have NIST curve P-256 computation routines, now.)
ECDSA is mostly ready.  For ECDH, I'll need to implement AESwrap
routine.

Starting from easy part for the specification, I think that adding a
spec for "Algorithm Attributes" is not that difficult.  It would be:

For ECDSA:
	ECDSA ID     (one byte)
	OID of curve (variable length)

For ECDH:
	ECDH ID       (one byte)
	Hash ID       (one byte)
	Encryption ID (one byte)
	OID of curve  (variable length)

I'm not sure about user interface, though.  That is, how we should
show this attribute for output of --card-status of GnuPG.

Currently for RSA, it's like:

	Key attributes ...: 2048R 2048R 2048R

It will be something like:

	Key attributes ...: 256E 256e 256E
-- 





More information about the Gnupg-devel mailing list