Looking for Elgamal sign+encrypt key information

Per Tunedal Casual pt at radvis.nu
Mon Mar 22 08:32:17 CET 2004

Hash: SHA1

At 05:01 2004-03-22, you wrote:
 >Len Sassaman wrote:
 >> It was actually implemented in PGP 7.5, probably per the direction of the
 >> marketing department, because "elliptic curve cryptography" sounds sexy.
 >Unfortunate reason to incorporate something, I agree.
 >> There are strong reasons *not* to add more algorithms to OpenPGP. OpenPGP
 >> already suffers greatly by having so many possible algorithms on which
 >> attacks against the system can be made.
 >Perhaps.  I wouldn't go adding ECDSA just for coolness factor.

I thought "elliptic curve cryptography"  wasn't established yet and thus
couldn't be considered to be safe. I do wonder why it's included in DSS - I
thought the standard was somewhat conservative. Have I missed something?

 > But, one
 >of the given reasons for the incorporation of DSA was that it was a
 >signature standard.  One of the given reasons for incorporation of rDSA
 >and ECDSA into the new DSS is the key length restriction of DSA.  If DSA
 >falls into disuse, then without rDSA or ECDSA, there will be no
 >signature standard in OpenPGP at all.
 >I really don't know how much of an issue this would be.  Is the
 >incorporation of DSS important to GnuPG and OpenPGP?  How much of the
 >reasoning for incorporating DSA was that it was a standard, and how much
 >of it was because of RSA's patent?  These are questions I don't know the
 >answer to.  Any takers?
I strongly agree that we need longer signatures. And I believe it's
important to continue with support of the DSS. I thought the only reason
not to have longer signatures was to comply with the DSS ...
I am glad to hear that the DSS finally has changed and naturally OpenPGP
will have to follow.
Per Tunedal

Version: GnuPG v1.2.4 (MingW32) - GPGrelay v0.94


More information about the Gnupg-users mailing list