Computer Science bachelor degree thesis on Libgcrypt

Marcio Barbado, Jr. marcio.barbado at
Tue Feb 28 03:28:33 CET 2017

Hi NIIBE and list.

As suggested, I've searched through and read some messages from the 
lists' archives (mostly gnupg-users and gcrypt-devel to be honest).

Also I've searched GnuPG's blog, bug tracker, libgcrypt's repository 
itself, and the Internet as well, including academic content. There is 
GPG-related stuff all over the Internet, as one might expect.

Mostly, I used search keywords like "benchmark", "bug", "comparison", 
"feature", "metrics", "patch", "problem", "request" and "unsolved". Each 
one combined somehow with libgcrypt.

Results obviously led me to more and more content, which I tried to 
filter and figure, given my academic deadlines constraints.

A few conclusions, ideas and remarks arose:

* bugs were discarded for the group believes there's no such knowledge 
among us nor backstage intimacy to deal with that;

* features were also discarded because it could put us away from the 
OpenPGP standard, and we want to stick with it;

* probably, our best chance lies on libgcrypt's TODO file (from 
libgcrypt's repository), which lists interesting items, some don't seem 
like critical stuff. Plus the referred file says community need testing;

* [INTERLUDE] meanwhile, our teacher (who reads us) has suggested us to 
consider a study on algorithms' metrics (comparisons and things like 
that); As mentioned, community do need tests, and the "tests" directory 
looks interesting in this sense; and

* well, given all of the recent buzz around SHA-1 collision, we're 
considering tests among the substitution candidates (eg: BLAKE2, SHA-256 
and SHA-3).

So, concerning those tests, we have some questions like: are there any 
architectures and/or contexts on which new benchmarks could be helpful 
at this moment?


Em 08.02.2017 14:12, Marcio Barbado, Jr. escreveu:
> Hi, NIIBE. Thank you for replying back.
> Sorry for wrong technical terminology. At least my kung fu feeling
> was quite close.
> We'll be taking a look in all that.
> Regards,
> Em 08.02.2017 06:43, NIIBE Yutaka escreveu:
>> Hello, Marcio,
>> Well, I learned QiGong from the Chinese master when I was a student 
>> in
>> Tokyo.  :-)  No, I am not a master (QiGong or libgcrypt).  But, I do 
>> some
>> development of libgcrypt, and maintain some code.
>> "Marcio Barbado, Jr." <marcio.barbado at> writes:
>>> For example, should we post on another mailing list or is this the
>>> proper one for algorithmic code development?
>> Yes, here is the place for technical discussion.  I don't know about
>> "algorithmic code development" you addressed, though.
>> You can find what's going on in the development by reading our 
>> archives.
>> The Gcrypt-devel Archives:
>> Our source code repository is here:
>> The GNU crypto library:
>> Please get the source code by git.  The command line invocation is:
>> $ git clone git://
>> And then, you can examine the history of our development.
>> --
> Marcio Barbado, Jr.

Marcio Barbado, Jr.

More information about the Gcrypt-devel mailing list