On 03/06/2015 09:50 PM, Felix E. Klee wrote: > Marek later explained to me that the Bitcoin crypto standard is > different from those used with PGP.
Do you mean the curve of secp256k1? GnuPG modern 2.1.x with development version of libgcrypt support secp256k1. Development version of Gnuk also supports secp256k1. It was introduced to GnuPG and Gnuk, so that we can sign the transactions of Bitcoin with GnuPG (and using Gnuk Token, if you have). That was the intention. I also asked Kristian for SKS server. And the support was added. I considered some enhancement to existing Bitcion client (such as Electrum), so that it can ask signing to GnuPG. However, nothing more happened beyond these lower level implementation enhancement. Perhaps, there wouldn't be enough demand (other than my own hack value). I had to stop my development for Bitcoin, because of infamous "BITTOKOIN" fraud in Japan. After all, their customers had no idea about controlling their own private keys and their computation by themselves, it could never be the potential market of Gnuk Token (or GnuPG). ... and I think that there is some interoperability issue(s) for handling of secp256k1 key in GnuPG implementation which doesn't support the specific curve (or ECC at all) and/or some? keyservers. I got report that my key on keyservers are huge, and it seems because of the subkey of secp256k1. I haven't examined the detail of this issue yet, and I don't know the cause of this trouble. So, I never recommend to join the experiment of secp256k1, now. If some people still want this direction, a person can check my subkey of secp256k1 (available in keyservers) with GnuPG modern and development version of libgcrypt. Then, he can see my Bitcoin address by a tool I posted last year (gpgkey2bc) [0]. And if he really wish to do so, he can send some Bitcoin to that address. When the amount of Bitcoin into the specific address will be much, it will be perhaps enough pressure to move my development to this area, back again. Well, I don't believe the device with good UI, in general. UI is (or can be) most complex component in a system. If there is a better UI, it means (for me, at least) that the system is more complex to make audit more difficult. And, in general, the hardware (MCU) requirement from good UI is rather bigger than the one from ECC itself. If a system will have a much power, power will corrupt. We could learn from the architecture of phone (with better UI). [0] gpgkey2bc: Generating address of Bitcoin from public key: https://lists.gnupg.org/pipermail/gnupg-devel/2014-January/028147.html -- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
