Werner Koch wrote:
I know that, of course, but I think that perhaps we'll have no ECC the
next 10 years or so,.. if noone makes the step,...
Uhm,.. I probably have not that detailed knowlegde as you,... but when
I've read the comparisions of cryptographical strength it seemed that
ECC with very smaller key sizes is as strong as RSA/ElGamal with bigger
key sizes,... doesn't this lead to the conclusion that ECC is an
superior algorithm and should be used in favour?
There is no reason for ECC. Even chip cards are getting powerful
enough not to need ECC for cost reasons. There is also the problem
with US patents on many curves and essential implementation details.
Uhm,... yes patents are always a big problem,...
Do you remember when, I think it was BBC, claimed they had a patent in
the US which would cover hyperlinks? Should the the world stop using
knowledge just because someone in the US patented it?
OTOH, there seems to be a move in the NSIS to go for ECC for longer
DSA key sizes; this is due to decision on the new DSA key sizes. So
there might be a change in some time.
Yes,.. I've read about that. And my new key is a RSA-S/ElGamal key,.. so
I probably won't have that DSA/DSS problem :-) .
btw: If GnuPG would implement ECC and add it unofficially to OpenPGP it
could be done in such a way, that it is compatible with the ideas and
Standards are a Good Thing and it is the politic of the GNU project
to comply with reasonable standards as long as there are no technical
reasons to to some thin else.
Yes of course, I indeed love standards,.. but I meant the OpenSource
community around GnuPG could _create_ such a standard.
Look at XMPP (jabber),.. it works... :-)
As you can see, lots of todays standards startet as one-man-application,
e.g. OpenPGP (from PGP/RSA Inc.), JavaScript->ECMAScript (from
OpenPGP has nothing to do with RSA Inc.
Uhm sorry,.. *g* I meant PKCS 1 to somewhere.
Try asking Phil about RSA
Inc. and you will soon see why. The OpenPGP WG has been founded out
of an initiative by Phil Zimmermann and Jon Callas at the 1997 Munich
IETF with the aim to keep PGP alive even if their new company would
fail.
It was in "my" city?? I didn't know that :-)
So if GnuPG would (pseudo-officially) implement that now,.. it could be
the first compliant application later :-)
No, we will however add some ECC support into Libgcrypt as time
permits.
What about using that uhm,.. libecc (http://libecc.sourceforge.net/)?
Best wishes,
Chris.
begin:vcard
fn:Mitterer, Christoph Anton
n:Mitterer;Christoph Anton
org:Munich University of Applied Sciences;Department of Mathematics and Computer Science
adr;quoted-printable;quoted-printable:;;Lothstra=C3=9Fe 34;M=C3=BCnchen;Freistaat Bayern;80335;Federal Republic of Germany
email;internet:[EMAIL PROTECTED]
tel;home:+49 89 24409568
tel;cell:+49 172 8617341
x-mozilla-html:TRUE
url:http://fhm.edu/
version:2.1
end:vcard
_______________________________________________
Gnupg-users mailing list
[email protected]
http://lists.gnupg.org/mailman/listinfo/gnupg-users
