Opengpg smartcard specs for kyber (PQC) algorithm
Werner Koch
wk at gnupg.org
Tue May 13 10:10:35 CEST 2025
Hi!
On Thu, 8 May 2025 10:43, Simon Josefsson said:
> Oh! Is there a step-by-step instruction how to create a key like
> this?
Not yet. However some folks obviously experimented with this and found
that smartcard support does not yet work. Damien reported this as
https://dev.gnupg.org/T7648 and Gniibe fixed that in the repo. Actually
there was even a comment in the code which indicates this.
> on my GNUK for everyday GnuPG usage. I also have doubts if Kyber is the
> only PQ alternative, and would want to migrate first when there are
> alternatives on the table, to have some mitigation plan ready on
> cryptographic weaknesses.
Given the threat model of store-now-decrypt-after-first-contact-day any
alternative PQC algorithm will not be very helpful. Unless we use
ECC+Kyber+OtherPQC and risk that the key combiner gets broken.
Shalom-Salam,
Werner
--
The pioneers of a warless world are the youth that
refuse military service. - A. Einstein
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openpgp-digital-signature.asc
Type: application/pgp-signature
Size: 247 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20250513/05afb23f/attachment.sig>
More information about the Gnupg-users
mailing list