OpenPGP card specification enhancement for ECDSA support

NIIBE Yutaka gniibe at
Mon Mar 4 02:19:00 CET 2013

Hello Andrey,

On 2013-03-02 at 18:12 +0900, NIIBE Yutaka wrote:
> On 2013-03-01 at 11:02 -0800, Andrey Jivsov wrote:
> > Please consider using the compact representation of an ECC point: 
> > with the OpenPGP card.
> Thank you very much.  I didn't know this document.  All that I had
> known about compression was x + (1-bit of y).

I considered again.

For new keys, we will be able to take advantage of this compact
representation.  But, there are already ECDSA keys out there.

I will limit key space for Gnuk for new keys, so that keys generated
on Gnuk Token can be represented by the compact representation.  But,
note that most users of Gnuk use writekey command, generating keys on
host PC.

I think that Gnuk Token should not limit key space for writekey
command (host PC -> Gnuk Token), but should accept keys of other half
space for inter-operablity.

Speaking for GnuPG, same argument could be applied.

It is true that there has been no released versions which support
ECDSA yet.  But, it should handle any keys by any OpenPGP ECC
implementations.  Besides, GnuPG supports SSH and X.509.  With the
possibility of 50%, existing keys of ECDSA couldn't be represented by
the compact representation.  I think that GnuPG should handle both of
the compact representation and the uncompressed representation.

More information about the Gnupg-devel mailing list