one ecc key-pair for both encryption and signature?
Bernhard Reiter
bernhard at intevation.de
Fri Jan 7 17:55:50 CET 2022
Am Freitag 07 Januar 2022 15:21:45 schrieb Andrew Gallagher via Gnupg-users:
> On 07/01/2022 14:06, Bernhard Reiter wrote:
> > With 2.2.33 is is not possible to create a single ecc key-pair
> > that can do "sign" and "encrypt".
>
> it is best practice to keep the encryption-capable subkey distinct.
Is this the only reason?
Then RSA should be limited in the same way.
(Because there it is possible, so I guess that there is another reason.)
Am Freitag 07 Januar 2022 15:26:50 schrieb Robert J. Hansen via Gnupg-users:
> Ed25519 is (effectively) a Schnorr signature done over an Edwards curve.
> Schnorr signatures have really no capability of being used for
> encryption, unless you want to do it just a few bytes at a time.
Reading https://en.wikipedia.org/wiki/Curve25519
| Curve25519 is an elliptic curve [..] designed for use with the elliptic
| curve Diffie–Hellman (ECDH) key agreement scheme
-> encrypt
| The curve is birationally equivalent to a twisted Edwards curve
| used in the Ed25519 signature scheme.
There is anequivalence given (two functions) in the Ed25519 wikipedia page,
but I don't know if this allows the same curve used in both algorithms.
Regards
Bernhard
--
www.intevation.de/~bernhard +49 541 33 508 3-3
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20220107/1f312227/attachment-0001.sig>
More information about the Gnupg-users
mailing list