[SUGGESTION NEEDED] A request for suggestion on furthering the discussion over ElGamal

Werner Koch wk at gnupg.org
Thu Oct 19 13:57:04 CEST 2017

On Thu, 19 Oct 2017 03:35, gniibe at fsij.org said:

> It would be good to have elgamal-schnorr.c in libgcrypt, but I don't
> know if it's worth or not.  Which application uses that?

I can't tell either.  Let me note that for example GNUnet uses and used
modified versions of standard algorithms and they have not yet made it
into Libgcrypt as a "high-level" API.  Thus they need to use lower level
functions of Libgcrypt to implement that - which of course works.  When
we are getting to the point that those algorithms are in widespread use,
it will indeed make sense to implement a dedicated API for such an

> for me that we have better choice on a cyclic group other than Schnorr
> Group.  Say, Elliptic curve?

GNUnet also moved away from DSA to EC derived algorithms.

Regarding the improper use of Elgamal, the Libgcrypt release
announcements tell this:

  Thorough understanding of applied cryptography is required
  to use Libgcrypt.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gcrypt-devel/attachments/20171019/22a037db/attachment.sig>

More information about the Gcrypt-devel mailing list