Looking for Elgamal sign+encrypt key information

Kurt Fitzner kfitzner at excelcia.org
Mon Mar 22 05:01:17 CET 2004

Len Sassaman wrote:

>>OpenPGP has a RSA-based signature algorithm that supports >1024-bit
>>keys.  It's, well, RSA ;)
> Precisely. What is the problem with RSA?

I think that was hit point. :)

> It was actually implemented in PGP 7.5, probably per the direction of the
> marketing department, because "elliptic curve cryptography" sounds sexy.

Unfortunate reason to incorporate something, I agree.

> There are strong reasons *not* to add more algorithms to OpenPGP. OpenPGP
> already suffers greatly by having so many possible algorithms on which
> attacks against the system can be made.

Perhaps.  I wouldn't go adding ECDSA just for coolness factor.  But, one 
of the given reasons for the incorporation of DSA was that it was a 
signature standard.  One of the given reasons for incorporation of rDSA 
and ECDSA into the new DSS is the key length restriction of DSA.  If DSA 
falls into disuse, then without rDSA or ECDSA, there will be no 
signature standard in OpenPGP at all.

I really don't know how much of an issue this would be.  Is the 
incorporation of DSS important to GnuPG and OpenPGP?  How much of the 
reasoning for incorporating DSA was that it was a standard, and how much 
of it was because of RSA's patent?  These are questions I don't know the 
answer to.  Any takers?

More information about the Gnupg-users mailing list