Smartcard EdDSA Support

NIIBE Yutaka gniibe at
Tue Mar 25 08:43:14 CET 2014


I have implemented the Twisted Edwards curve computation routine for
Gnuk, and I am currently considering to integrate this routine.

My primary target is using the curve with OpenSSH, so, I will use
"INTERNAL AUTHENTICATE" smartcard command of ISO 7816.

Other than that, we need to extend the OpenPGPcard specification, and
corresponding parts of the GnuPG implementation.  There are three

(1) Importing key to card
(2) Public key representation
(3) Algorithm attributes

For (1), I think that we can follow the way of tentative ECDSA

For (2), there are two ways, standard EdDSA representation
(y-coordinate only + parity of x, little endian) or no-compression
representation (big endian) which starts with 04.  It would be good to
use no-compression representation, as it sounds more compatible.

For (3), it will be algorithm ID + OID.  (we need new algorithm ID for
EdDSA.)  I'm not sure if we will have EdDSA with different curves in
future, but if there is such a possibility, OID is required.

Any comments are appreciated.

No, I haven't tested the code on the target board yet.  It has been
only tested on host.  I need to integrate it first, as the code is
somewhat big.  Usually, I test code on the target board on RAM, but
this time, it is bigger than 20kB RAM.

More information about the Gnupg-devel mailing list