On 3/22/2011 7:44 PM, Jerome Baum wrote:
> Isn't ECDSA really vulnerable to reused and predictable signature
> seeds (don't know what they're called, I'm talking about "k")?

No more so than many other algorithms.  If the algorithm says "this value
must be random" and you don't use a random value, then yes, you're going
to have a very bad day.

> You lose any interoperability as it's not OpenPGP, right?

ECC is being introduced into the OpenPGP standard.  Pretty much everyone
in the working group wants it to be added: they just want to make sure
it gets added in the right way.

I'll eat my own hat if PGP Corporation doesn't already have an internal
testing branch that supports ECC.

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
