Do you have any idea why we are still using GPG with RSA cryptography when elliptic curve cryptography (ECC) has been available since 2015-ish?*

I get we probably were very afraid of compatibility with old systems and may have issues, but I'm pretty sure we are mostly OK.



From searching around, I can speculate:

- Doubt around backdoors
- Some implementations were not secure
- Patents


@benoitj I did research and just found poor arguments, all based on beta status. But that's so 2016.
In my limited experience I can tell it is close to impossible to implement ECC, be correct and also be insecure and/or backdoor-able. Some algo has been reported to be intentionally weakened by NSA, but no ECC.
- Patents & ECC? What do you mean? Where? The ECC reference implementation has been public domain since the beginning:

@esparta patents around ECC make it difficult to implement. Like RSA when PGP got created.

@esparta Similar to RSA but probably different. RSA itself was patented, ECC is not, but some implementations are.

In the end, lots of uncertainty. Maybe not true anymore, but I'm no expert :P

@benoitj gotcha, I get that part now. Like any other public crypto algorithm, it will always be susceptible to being patented, but for specific uses, not exactly for the algo itself; for what GnuPG is about, it seems free to implement for encryption and signing. Also, I'm not a lawyer nor expert. That's why I ask.

As you mention, this is different than the RSA case; I frankly have my doubts it's the case.

I'm more inclined to think it's the same case as OpenSSH + RSA: ECC is there but is not the default.
