Looking for Elgamal sign+encrypt key information
Per Tunedal Casual
pt at radvis.nu
Mon Mar 22 08:32:17 CET 2004
-----BEGIN PGP SIGNED MESSAGE-----
At 05:01 2004-03-22, you wrote:
>Len Sassaman wrote:
>> It was actually implemented in PGP 7.5, probably per the direction of the
>> marketing department, because "elliptic curve cryptography" sounds sexy.
>Unfortunate reason to incorporate something, I agree.
>> There are strong reasons *not* to add more algorithms to OpenPGP. OpenPGP
>> already suffers greatly by having so many possible algorithms on which
>> attacks against the system can be made.
>Perhaps. I wouldn't go adding ECDSA just for coolness factor.
I thought "elliptic curve cryptography" wasn't established yet and thus
couldn't be considered to be safe. I do wonder why it's included in DSS - I
thought the standard was somewhat conservative. Have I missed something?
> But, one
>of the given reasons for the incorporation of DSA was that it was a
>signature standard. One of the given reasons for incorporation of rDSA
>and ECDSA into the new DSS is the key length restriction of DSA. If DSA
>falls into disuse, then without rDSA or ECDSA, there will be no
>signature standard in OpenPGP at all.
>I really don't know how much of an issue this would be. Is the
>incorporation of DSS important to GnuPG and OpenPGP? How much of the
>reasoning for incorporating DSA was that it was a standard, and how much
>of it was because of RSA's patent? These are questions I don't know the
>answer to. Any takers?
I strongly agree that we need longer signatures. And I believe it's
important to continue with support of the DSS. I thought the only reason
not to have longer signatures was to comply with the DSS ...
I am glad to hear that the DSS finally has changed and naturally OpenPGP
will have to follow.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (MingW32) - GPGrelay v0.94
-----END PGP SIGNATURE-----
More information about the Gnupg-users