ECC curves used in gnupg?
Michael Anders
micha137 at gmx.de
Wed Dec 18 09:21:33 CET 2013
On Tue, 2013-12-17 at 13:01 -0600, Anthony Papillion wrote:
> I know that gnupg is experimenting with ECC and I'm wondering which
> curves the team has decided to use. I know there are some curves that
> are now suspected of being tainted by the NSA through NIST. Has the
> gnupg team ruled using those curves out?
Wouldn't it be nice to include ecc curves up to 1024 bit(ecc brainpool
gives you 512 bit at most, maryland 521).
I calculated the parameters last year(no ties to maryland) and they are
free for noncommercial use ;-)
They can be found here:
http://www.fh-wedel.de/~an/crypto/accessories/domains_anders.html
In the ECC software "Academic Signature" -which contains a minimalistic
GnuPG GUI by the way- you can check their sanity, including the MOV
condition.
There has been a thread on insecure GnuPG defaults lately. (SHA1
hmmmm....) Please keep in mind that (to my knowledge) maryland does
allow the export of ecc software up to 256 bit if in the "interest of
national security". So why not exclude bit sizes smaller than 256 from
the very beginning.
regards
Michael
More information about the Gnupg-users
mailing list