4096 bit keys

Robert J. Hansen rjh at sixdemonbag.org
Wed Mar 23 00:51:36 CET 2011


On 3/22/2011 7:44 PM, Jerome Baum wrote:
> Isn't ECDSA really vulnerable  to reused and predictable signature
> seeds (don't know what they're called, I'm talking about "k")?

No moreso than many other algorithms.  If the algorithm says "this value
must be random" and you don't use a random value, then yes, you're going
to have a very bad day.

> You loose any interoperability as  it's not OpenPGP, right?

ECC is being introduced into the OpenPGP standard.  Pretty much everyone
in the working group wants it to be added: they just want to make sure
it gets added in the right way.

I'll eat my own hat if PGP Corporation doesn't already have an internal
testing branch that supports ECC.



More information about the Gnupg-users mailing list