one ecc key-pair for both encryption and signature?
Robert J. Hansen
rjh at sixdemonbag.org
Fri Jan 7 15:26:50 CET 2022
> I know that "ed25519" and "cv25519" are different algorithms,
> but from my limited understanding the same key-pair should be
> usable for both encrypting and signing in theory?
Ed25519 is (effectively) a Schnorr signature done over an Edwards curve.
Schnorr signatures have really no capability of being used for
encryption, unless you want to do it just a few bytes at a time.
Schnorr signatures were also used as the basis for DSA during the
cryptowars of the 1990s. The US government was very worried that any
federal crypto standard not be able to be used for encryption
(seriously): they wanted to give American citizens and businesses a
strong signature algorithm, but not give us a strong encryption
algorithm. Hence, Schnorr was adapted into becoming the Digital
More information about the Gnupg-users