Support for additional ECC Curves in GnuPG (gcrypt)

Sergi Blanch i Torné sergi at
Thu Sep 19 13:29:39 CEST 2013

In my humble opinion, this has been an enormous limitation on this
standard. But there are other curves with OIDs (check for the "Brainpool
standard Curves". The rfc4492, similar to what you mention but for TLS,
allows any arbitrary curve (prime & char2) but rfc 6637 doesn't allow us to
go that far.

About your question of the alternative curves, yes, I'm working in an
auditable algorithm (to get us to trust on it) to allow us to not share the
curve we use as the X9.62 mention as a issue when too many people shares
the same curve. The issue I'm having for this algorithm is to build them,
even for the "big" fields in a non-user desperation time (I mean not bigger
but smaller than equivalent rsa generation).


On Wed, Sep 11, 2013 at 1:46 PM, Alexandre Dulaunoy <a at> wrote:

> Hi Everyone,
> Do you know if someone is currently working to implement additional
> curves in ECC
> and especially to have an alternative to the NIST ones in gcrypt/GnuPG?
> and I was wondering if we are bound to the ones defined in:
> Thank you,
> Cheers.
> --
> --                   Alexandre Dulaunoy (adulau) --
> --                   
> --         "Knowledge can create problems, it is not through ignorance
> --                                that we can solve them" Isaac Asimov
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20130919/a7dc4adf/attachment.html>

More information about the Gnupg-users mailing list