Where is ECC in gpg2 (specifically gnupg-2.0.21

Werner Koch wk at gnupg.org
Sat Sep 14 00:20:05 CEST 2013

On Fri, 13 Sep 2013 13:25, johanw at vulcan.xs4all.nl said:

> Such a major change would warrant a 1.6 IMO.


> BTW, is there any discussion in the OpenPGP community about other public
> key systems, like NTRUEncrypt (see

No, I am not aware of any discussions.  QC resistant algorithms are not
yet something we need to rush for.  We can't predict the future, but
anyway it is good to know that even with today's technologies there are
ways to mitigate an eventual QC based public key break.  In this light
the discussions about the need for 8k RSA now is as reliable as coffee
grounds reading

> IMO ECC has at least some questions about it since the NSA is pushing
> it. That could be because they know of weaknesses in it, or because they

There are of course sound reasons why they suggest the use of ECC.  With
about 30 years of research, ECC has a pretty solid theoretical
foundation.  The reasons why the seeds for the NIST curve parameters
have not been recorded should of course raise more doubts now - I don't
think that the DES history has a sequel here.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gnupg-users mailing list