On Tue, 2013-12-17 at 13:01 -0600, Anthony Papillion wrote: > I know that gnupg is experimenting with ECC and I'm wondering which > curves the team has decided to use. I know there are some curves that > are now suspected of being tainted by the NSA through NIST. Has the > gnupg team ruled using those curves out?
Wouldn't it be nice to include ecc curves up to 1024 bit(ecc brainpool gives you 512 bit at most, maryland 521). I calculated the parameters last year(no ties to maryland) and they are free for noncommercial use ;-) They can be found here: http://www.fh-wedel.de/~an/crypto/accessories/domains_anders.html In the ECC software "Academic Signature" -which contains a minimalistic GnuPG GUI by the way- you can check their sanity, including the MOV condition. There has been a thread on insecure GnuPG defaults lately. (SHA1 hmmmm....) Please keep in mind that (to my knowledge) maryland does allow the export of ecc software up to 256 bit if in the "interest of national security". So why not exclude bit sizes smaller than 256 from the very beginning. regards Michael _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users