Re: GnuPG ElGamal Signing Key

[David Shaw]

On Sep 16, 2008, at 11:03 PM, Kevin Hilton wrote:


Although you would have to go to lengths to create an ElGamal signing
key (rather than a DSA or RSA key), is use of an ElGamal signing key
still considered to be bad behaivor?  The last article I read from
2003 suggested ElGamal signing keys (strictly different than ElGamal
encryption keys) had been compromised:

http://silverstr.ufies.org/blog/archives/000415.html


There was a bug in the Elgamal signing key code in GPG back then.   
There is no longer a bug... and there is also no longer Elgamal  
signing key code.  Elgamal signing keys were dropped from the OpenPGP  
standard in RFC-4880, and so will not be supported in GPG.



As a side note, are there any other possible algorithms that may be
used to generate a signing key other than DSA/RSA/ElGamal.


Yes, but not in OpenPGP.

David

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

GnuPG ElGamal Signing Key

[Kevin Hilton]

Although you would have to go to lengths to create an ElGamal signing
key (rather than a DSA or RSA key), is use of an ElGamal signing key
still considered to be bad behaivor?  The last article I read from
2003 suggested ElGamal signing keys (strictly different than ElGamal
encryption keys) had been compromised:

http://silverstr.ufies.org/blog/archives/000415.html


As a side note, are there any other possible algorithms that may be
used to generate a signing key other than DSA/RSA/ElGamal.

Thanks.

-- 
Kevin Hilton

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users