OpenSSH got U2F support - an idea for GnuPG?

Wiktor Kwapisiewicz wiktor at
Tue Jan 14 12:05:49 CET 2020

Hi Tobias,

U2F devices sign data in a specified format so it's not possible to sign 
any byte array [0], this could conflict with the way GnuPG calculates 
what should be signed. If you check out OpenSSH U2F support in detail 
you'll see that they defined special key type (ecdsa-sk [1]) that I 
guess is used by server to wrap raw bytes in U2F structure before 
signature verification.


One interesting aspect of U2F is that virtually all tokens on the market 
implement "unlimited number of keys" feature by having one 
manufacturer-burned secret key and then deriving signing key from that 
secret key and key handle (that's key ID that is passed by the application).

To be honest I think if someone has U2F token then there is a high 
chance that this also includes OpenPGP applet. If not, the U2F token can 
only be used for signing data, not for encryption. One advantage of U2F 
tokens though is their relative low price.

Kind regards,


More information about the Gnupg-devel mailing list