Opengpg smartcard specs for kyber (PQC) algorithm
Simon Josefsson
simon at josefsson.org
Thu May 8 10:43:29 CEST 2025
Werner Koch via Gnupg-users <gnupg-users at gnupg.org> writes:
> If you are interested in smartcard support I would suggest to use a
> smartcard with an ECC algorithm and an on-disk Kyber key. GnuPG 2.5.5
> already supports this by allowing to specify the keys used for a new
> OpenPGP certificate using two keygrips: At the "Enter the Keygrip:"
> prompt give both keygrips delimuted by a command. For the Kyber part
> first create a dummy key (or use gpg-connect-agent to create the Kyber
> key part) and use its keygrip along with the keygrip of an on-card ECC
> key.
Oh! Is there a step-by-step instruction how to create a key like this?
I've not been that interested in PQ PGP because I am so heavily reliant
on my GNUK for everyday GnuPG usage. I also have doubts if Kyber is the
only PQ alternative, and would want to migrate first when there are
alternatives on the table, to have some mitigation plan ready on
cryptographic weaknesses.
/Simon
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1251 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20250508/10d60a51/attachment.sig>
More information about the Gnupg-users
mailing list