Specification for Kyber in GnuPG

Werner Koch wk at gnupg.org
Wed May 8 11:33:57 CEST 2024


Hi Kai,

On Wed,  8 May 2024 00:32, Kai Engert said:

> Furthermore, as I understand it, the v5 key format and the v6 key
> format are very close to each other (thanks a lot to Andrew Gallagher

It is not alone about the key packet version (which also flags some
other behaviour) but on the algorithm specific fields for the public key
system.  For the the same public key algorithm (e.g. EdDSA) they defined
new algorithms named after the curve (27 = Ed25519 and 28 = Ed448) and
deprecated the long established algorithm 22 (now called EdDSALegacy).
The obvious intention is to merge the parameters of the algorithm into
the algorithm id.  In their PQC draft they did the same and ended up
with a bunch of new algorithm ids for just 3 new algorithms.

Merging algorithms and their parameters into one algorithm id is the way
it is done in SSL/TLS but it is not the way it is done in PGP/OpenPGP.



Salam-Shalom,

   Werner


p.s.
We should eventually face the fact that crypto-refresh has “hijacked”
the term OpenPGP for an entire new protocol.  This is why I started to
use “*PGP” or “LibrePGP”.  After 25 years of popularizing the term
“OpenPGP” over of GPG or PGP that is not easy ;-)

-- 
The pioneers of a warless world are the youth that
refuse military service.             - A. Einstein
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openpgp-digital-signature.asc
Type: application/pgp-signature
Size: 247 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20240508/6f01dade/attachment.sig>


More information about the Gnupg-devel mailing list