[PATCH] Changes for EdDSA (3/3)

NIIBE Yutaka gniibe at fsij.org
Mon Apr 7 07:35:18 CEST 2014


On 2014-04-07 at 13:45 +0900, NIIBE Yutaka wrote:
> diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c
> index da1bec9..a0fd1c6 100644
> @@ -238,6 +240,10 @@ struct app_local_s {
>        struct {
>          int curve;
>          int hashalgo;
> +      } eddsa;
> +      struct {
> +        int curve;
> +        int hashalgo;
>          int cipheralgo;
>        } ecdh;
>      };

Here needs additional explanation.

Since the paper of EdDSA [ed25519] suggests other hash functions, I
reserved a field of hash algorithm for EdDSA algorithm attribute of
OpenPGP card.  But, it seems that it's not good idea.

Reading RFC4880 again, I think that it would be better to allocate
another public-key algorithm ID for (say) EdDSA-SHA3, perhaps.

[ed25519] 23pp. (PDF) Daniel J. Bernstein, Niels Duif, Tanja
Lange, Peter Schwabe, Bo-Yin Yang. High-speed high-security
signatures.  Journal of Cryptographic Engineering 2 (2012), 77-89.
Document ID: a1a62a2f76d23f65d622484ddd09caf8.
URL: http://cr.yp.to/papers.html#ed25519. Date: 2011.09.26.
-- 





More information about the Gnupg-devel mailing list