Re: Comparison of RSA vs elliptical keys

2020-06-06 Thread MFPA via Gnupg-users
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi > For sure the MUA knows your own key. No. The MUA just passes the email address to GnuPG and GnuPG selects the key. - -- Best regards MFPA Eat well, stay fit - Die anyway --

Re: Comparison of RSA vs elliptical keys

2020-05-26 Thread Werner Koch via Gnupg-users
On Fri, 22 May 2020 15:08, MFPA said: > How would it be used only with ECC keys? The MUA doesn't know the > flavour of key/subkey. For sure the MUA knows your own key. Salam-Shalom, Werner -- Thoughts are free. Exceptions are regulated by a federal law.

Re: Comparison of RSA vs elliptical keys

2020-05-22 Thread MFPA via Gnupg-users
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi On Friday 22 May 2020 at 9:52:35 AM, in , Werner Koch wrote:- > No, it is better to let the caller (e.g. the MUA) > pass this option How would it be used only with ECC keys? The MUA doesn't know the flavour of key/subkey. - -- Best regards

Re: Comparison of RSA vs elliptical keys

2020-05-22 Thread Werner Koch via Gnupg-users
On Wed, 20 May 2020 18:06, MFPA said: > Does (or will) --include-key-block have an argument that can be set to > tell it to only include ECC keyblocks, or to set a maximum keyblock No, it is better to let the caller (e.g. the MUA) pass this option than to have it in a config file. (I initially

Re: Comparison of RSA vs elliptical keys

2020-05-20 Thread Ryan McGinnis via Gnupg-users
Interestingly enough, this breaks the Thunderbird/Protonmail integration, so your message just shows up as the raw PGP blob that Protonmail is pushing to the Protonmail client. It returns the error " Decryption error Decryption of this message's encrypted content failed. openpgp: unsupported

Re: Comparison of RSA vs elliptical keys

2020-05-20 Thread MFPA via Gnupg-users
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi On Saturday 16 May 2020 at 9:49:55 PM, in , Stefan Claas wrote:- > out of curiosity, you signed the reply with two sub > keys, The RSA signature is for the benefit of recipients who can't handle ECC keys/signatures. Probably not needed anymor

Re: Comparison of RSA vs elliptical keys

2020-05-20 Thread MFPA via Gnupg-users
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi On Monday 18 May 2020 at 7:33:47 AM, in , Werner Koch via Gnupg-users wrote:- > You are using --include-key-block; this is intended > to be used by MUAs > to send the encryption key along with a signature to > allow for immediate > encrypted r

Re: Comparison of RSA vs elliptical keys

2020-05-17 Thread Werner Koch via Gnupg-users
On Sun, 17 May 2020 04:33, Ángel said: > In both cases, most of the signature space is taken by a hashed > subpacket of type 38. This value is not assigned, but looking at You are using --include-key-block; this is intended to be used by MUAs to send the encryption key along with a signature to a

Re: Comparison of RSA vs elliptical keys

2020-05-17 Thread Mark
Thanks to all the people that chimed in on my question. I was trying to get an idea how they compared. It was (for me) even more confusing with the 25519 choices as I didn't know the size of those keys until someone explained them better. On 5/11/2020 6:46 PM, Pete Stephenson via Gnupg-users wrote

Re: Comparison of RSA vs elliptical keys

2020-05-17 Thread Stefan Claas
Ángel wrote: > On 2020-05-16 at 22:49 +0200, Stefan Claas wrote: > > out of curiosity, you signed the reply with two sub keys, but > > what makes the signature so large, the hash algo used? I must > > admit I have never seen such a large signature before. > > It is quite large, indeed. This Radi

Re: Comparison of RSA vs elliptical keys

2020-05-16 Thread Ángel
On 2020-05-16 at 22:49 +0200, Stefan Claas wrote: > out of curiosity, you signed the reply with two sub keys, but > what makes the signature so large, the hash algo used? I must > admit I have never seen such a large signature before. It is quite large, indeed. This Radix 64 block of 12375 bytes c

Re: Comparison of RSA vs elliptical keys

2020-05-16 Thread Stefan Claas
Stefan Claas wrote: > MFPA wrote: > > [...] > > > -----BEGIN PGP SIGNATURE----- > > > > iQ8RBAEWCg65FiEElgyGKNWS/4zei7C/4OLe4dbI7voFAl692adfFIAALgAo > [...] > > > RjfdBwsdZJrUrgtu7YTLAf0/v9mZZBAXfvO8CgNySZfWWZ5IP0BvHLgkUXI0r7Qt > > kuQMuu7LJiMJFrPQKIL1cQ== > > =XcGg > > -----END PGP SIGN

Re: Comparison of RSA vs elliptical keys

2020-05-16 Thread Stefan Claas
MFPA wrote: [...] > -----BEGIN PGP SIGNATURE----- > > iQ8RBAEWCg65FiEElgyGKNWS/4zei7C/4OLe4dbI7voFAl692adfFIAALgAo [...] > RjfdBwsdZJrUrgtu7YTLAf0/v9mZZBAXfvO8CgNySZfWWZ5IP0BvHLgkUXI0r7Qt > kuQMuu7LJiMJFrPQKIL1cQ== > =XcGg > -----END PGP SIGNATURE----- Hi, out of curiosity, you signed th

Re: Comparison of RSA vs elliptical keys

2020-05-15 Thread Robert J. Hansen
> Certainly there are many reasons to extend the standard, which is not > set in stone and which is not a politically adopted law, for meaningful > things. Yes. If you want to talk about changing the standard please bring it up to the proper mailing list. Here is not the place for it. If you ca

keys require a user-id (was: Comparison of RSA vs elliptical keys)

2020-05-15 Thread Werner Koch via Gnupg-users
On Thu, 14 May 2020 23:01, Stefan Claas said: > you would consider including it in GnuPG too and reflecting it in the > respective RFC? The User-IDs are an integral part of OpenPGP and at the core of its design. All kind of important information is bound to the user ids and thus a key w/o a user

Re: Comparison of RSA vs elliptical keys

2020-05-15 Thread Stefan Claas
Robert J. Hansen wrote: > > When you work in compliance mode it should be IMHO possible that > > people wishing to communicate with you (from foreign countries) and > > may have a different opinion about privacy, > > Sure. And if they're important enough for me to justify breaking > compliance,

Re: Comparison of RSA vs elliptical keys

2020-05-14 Thread Robert J. Hansen
> When you work in compliance mode it should be IMHO possible that people > wishing to communicate with you (from foreign countries) and may have a > different opinion about privacy, Sure. And if they're important enough for me to justify breaking compliance, I am perfectly capable of removing th

Re: Comparison of RSA vs elliptical keys

2020-05-14 Thread MFPA via Gnupg-users
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi On Thursday 14 May 2020 at 11:41:00 PM, in , Stefan Claas wrote:- > GnuPG should accept > such public keys, > without using extra parameters and that you can > easily add them to your > key ring, with a simple label, thus not revealing the >

Re: Comparison of RSA vs elliptical keys

2020-05-14 Thread Stefan Claas
Stefan Claas wrote: > MFPA wrote: > > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA512 > > > > Hi > > > > > > On Thursday 14 May 2020 at 11:41:00 PM, in > > , Stefan Claas wrote:- > > > > > > > > > GnuPG should accept > > > such public keys, > > > without using extra parameters and t

Re: Comparison of RSA vs elliptical keys

2020-05-14 Thread Stefan Claas
Andrew Gallagher wrote: > > > On 14 May 2020, at 23:42, Stefan Claas wrote: > > > > When you work in compliance mode it should be IMHO possible that > > people wishing to communicate with you (from foreign countries) and > > may have a different opinion about privacy, GnuPG should accept > > s

Re: Comparison of RSA vs elliptical keys

2020-05-14 Thread Stefan Claas
MFPA wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > Hi > > > On Thursday 14 May 2020 at 11:41:00 PM, in > , Stefan Claas wrote:- > > > > > GnuPG should accept > > such public keys, > > without using extra parameters and that you can > > easily add them to your > > key ring,

Re: Comparison of RSA vs elliptical keys

2020-05-14 Thread Andrew Gallagher
> On 14 May 2020, at 23:42, Stefan Claas wrote: > > When you work in compliance mode it should be IMHO possible that people > wishing to communicate with you (from foreign countries) and may have a > different opinion about privacy, GnuPG should accept such public keys, > without using extra par

Re: Comparison of RSA vs elliptical keys

2020-05-14 Thread Stefan Claas
Robert J. Hansen wrote: > > With all due respect, do you think when Hagrid and even good old SKS > > key servers support this feature that people would not applaud you > > if you would consider including it in GnuPG too and reflecting it > > in the respective RFC? > > Speaking for myself, I hav

Re: Comparison of RSA vs elliptical keys

2020-05-14 Thread Robert J. Hansen
> With all due respect, do you think when Hagrid and even good old SKS > key servers support this feature that people would not applaud you if > you would consider including it in GnuPG too and reflecting it in the > respective RFC? Speaking for myself, I have "rfc4880" in my gpg.conf for damned

Re: Comparison of RSA vs elliptical keys

2020-05-14 Thread Stefan Claas
Werner Koch wrote: > On Wed, 13 May 2020 15:09, Stefan Claas said: > > > defaults to cv25519... (and does not need to generate a UID for > > privacy reasons, simply fantastic!) > > And willfully violating the standard. Not requiring a user id was > a bug in PGP 2 and fixed more than 25 years

Re: Comparison of RSA vs elliptical keys

2020-05-14 Thread Werner Koch via Gnupg-users
On Wed, 13 May 2020 15:09, Stefan Claas said: > defaults to cv25519... (and does not need to generate a UID for privacy > reasons, simply fantastic!) And willfully violating the standard. Not requiring a user id was a bug in PGP 2 and fixed more than 25 years ago with PGP 2.6.3in. Shalom-S

Re: Comparison of RSA vs elliptical keys

2020-05-14 Thread Werner Koch via Gnupg-users
On Wed, 13 May 2020 10:54, Damien Goutte-Gattat said: > Not yet. Officially, only the NIST P-256, P-384, and P-521 curves are > part of the standard (since RFC 6637). The first mention of Curve RFC-6637 allows for arbitrary curves because curves are specified using an ASN.1 OID. So for example t

Re: Comparison of RSA vs elliptical keys

2020-05-14 Thread Alessandro Vesely via Gnupg-users
On Wed 13/May/2020 11:54:12 +0200 Damien Goutte-Gattat via Gnupg-users wrote: > On Wed, May 13, 2020 at 10:02:14AM +0200, Sylvain Besençon via Gnupg-users > wrote: > >> I guess that Curve 25519 is mentioned in the IETF standard, isn't it? > > Not yet. Officially, only the NIST P-256, P-384, and

Re: Comparison of RSA vs elliptical keys

2020-05-13 Thread Stefan Claas
Konstantin Ryabitsev wrote: > On Tue, May 12, 2020 at 11:24:57AM +0200, Johan Wevers wrote: > > > For example, a 256 bit elliptic curve key has a similar strength > > > to a symmetric key of 128 bits. > > > > Until, of course, a working quantum computer with more than a few > > qubits is constru

Re: Comparison of RSA vs elliptical keys

2020-05-13 Thread Sylvain Besençon via Gnupg-users
On 13.05.20 at 11:54, Damien Goutte-Gattat wrote: On Wed, May 13, 2020 at 10:02:14AM +0200, Sylvain Besençon via Gnupg-users wrote: RJH's answer sounds like a good piece of advice, but still, at the end, we HAVE to choose which algorithm to use when creating new key pairs. No you don’t.

Re: Comparison of RSA vs elliptical keys

2020-05-13 Thread Sylvain Besençon via Gnupg-users
On 13.05.20 at 12:18, Robert J. Hansen wrote: "Unless you know what you're doing and why, use the defaults." I've been saying that for twenty years now. I keep thinking that someday someone will actually take it seriously... Thanks for the demonstration! At least, I will now know what I a

Re: Comparison of RSA vs elliptical keys

2020-05-13 Thread Stefan Claas
Robert J. Hansen wrote: > > RJH's answer sounds like a good piece of advice, but still, at the > > end, we HAVE to choose which algorithm to use when creating new > > key pairs. > > rjh@maggie:~$ gpg --gen-key > gpg: WARNING: using experimental features from RFC4880bis! > Note: Use "gpg --ful

Re: Comparison of RSA vs elliptical keys

2020-05-13 Thread Robert J. Hansen
> RJH's answer sounds like a good piece of advice, but still, at the end, > we HAVE to choose which algorithm to use when creating new key pairs. rjh@maggie:~$ gpg --gen-key gpg: WARNING: using experimental features from RFC4880bis! Note: Use "gpg --full-generate-key" for a full featured key ge

Re: Comparison of RSA vs elliptical keys

2020-05-13 Thread Damien Goutte-Gattat via Gnupg-users
On Wed, May 13, 2020 at 10:02:14AM +0200, Sylvain Besençon via Gnupg-users wrote: RJH's answer sounds like a good piece of advice, but still, at the end, we HAVE to choose which algorithm to use when creating new key pairs. No you don’t. You can simply use `gpg --gen-key` and let GnuPG cr

Re: Comparison of RSA vs elliptical keys

2020-05-13 Thread Sylvain Besençon via Gnupg-users
On 12.05.20 at 19:27, Grzegorz Kulewski wrote: Disclaimer: I am not a cryptographer either, let's just say I am an advisor. So, anybody, please correct me, if needed. 1. In terms of key size Curve 25519 and P-256 should have same strength: ~128 bits (== comparing with good symmetric cipher,

Re: Comparison of RSA vs elliptical keys

2020-05-12 Thread Robert J. Hansen
> However, I would be interested to know which ECC cipher would you > recommend to replace RSA. "Yes". :) Back when we got these questions -- Elgamal? RSA? DSA? Help? -- we used to tell people what mattered far, far more than which algorithm they used was how much care they gave to their syst

Re: Comparison of RSA vs elliptical keys

2020-05-12 Thread Johan Wevers
On 12-05-2020 17:04, Sylvain Besençon via Gnupg-users wrote: >> Probably not. The future is elliptical-curve cryptography, which will >> bring a level of safety comparable to RSA-16384. Yes, if attacked by classical computers. > However, I would be interested to know which ECC cipher would you >

Re: Comparison of RSA vs elliptical keys

2020-05-12 Thread Grzegorz Kulewski
On 12.05.2020 at 17:04, Sylvain Besençon via Gnupg-users wrote: > In the FAQ, it is written: >> Will GnuPG ever support RSA-3072 or RSA-4096 by default? >> Probably not. The future is elliptical-curve cryptography, which will bring >> a level of safety comparable to RSA-16384. Every minute we s

Re: Comparison of RSA vs elliptical keys

2020-05-12 Thread Konstantin Ryabitsev
On Tue, May 12, 2020 at 11:24:57AM +0200, Johan Wevers wrote: > > For example, a 256 bit elliptic curve key has a similar strength to > > a symmetric key of 128 bits. > > Until, of course, a working quantum computer with more than a few qubits > is constructed. Don't worry, there's literally tri

Re: Comparison of RSA vs elliptical keys

2020-05-12 Thread Stefan Claas
Sylvain Besençon via Gnupg-users wrote: > On 12.05.20 at 11:24, Johan Wevers wrote: > > On 12-05-2020 3:46, Pete Stephenson via Gnupg-users wrote: > > > >> For example, a 256 bit elliptic curve key has a similar strength > >> to a symmetric key of 128 bits. > > > > Until, of course, a working

Re: Comparison of RSA vs elliptical keys

2020-05-12 Thread Sylvain Besençon via Gnupg-users
On 12.05.20 at 11:24, Johan Wevers wrote: On 12-05-2020 3:46, Pete Stephenson via Gnupg-users wrote: For example, a 256 bit elliptic curve key has a similar strength to a symmetric key of 128 bits. Until, of course, a working quantum computer with more than a few qubits is constructed. The

Re: Comparison of RSA vs elliptical keys

2020-05-12 Thread Johan Wevers
On 12-05-2020 3:46, Pete Stephenson via Gnupg-users wrote: > For example, a 256 bit elliptic curve key has a similar strength to a > symmetric key of 128 bits. Until, of course, a working quantum computer with more than a few qubits is constructed. Then ECC is much more vulnerable than RSA or El

Re: Comparison of RSA vs elliptical keys

2020-05-11 Thread Pete Stephenson via Gnupg-users
On Mon, May 11, 2020, at 5:15 PM, Mark wrote: > I'm trying to understand the differences in strength between an RSA key > and an elliptical one such as ed25519 with cv25519. I know with RSA it is > pretty easy to "gauge" the strength 1024 vs 2048 vs 4096. > > I could not really find anything to say

Comparison of RSA vs elliptical keys

2020-05-11 Thread Mark
I'm trying to understand the differences in strength between an RSA key and an elliptical one such as ed25519 with cv25519. I know with RSA it is pretty easy to "gauge" the strength 1024 vs 2048 vs 4096. I could not really find anything to say how strong these elliptical keys are and how they compar