
While setting up PGP for the first time, I am presented with various encryption standards I can use being:

  1. RSA (2048, 3072, 4096 bits) with an option for + RSA (2048, 3072, 4096 bits)
  2. DSA (2048 bits) with an option for + Elgamal (2048, 3072, 4096 bits)
  3. ECDSA/EdDSA (ed25519, brainpoolP256r1, brainpoolP384r1, brainpoolP512r1, NIST P-256, NIST P-384, NIST P-521) with an option for + ECDH (ed25519, brainpoolP256r1, brainpoolP384r1, brainpoolP512r1, NIST P-256, NIST P-384, NIST P-521)

I have heard of RSA & DSA, but I am unfamiliar with the others.

What are the cryptographic standards for #3 used for? (request for source)
Which combination is the most secure?
Which combination is the most popular/widely used?

1 Answer

What are the cryptographic standards for #3 used for? (request for source)

EdDSA was recently standardized by NIST (FIPS 186-5, chapter 7)

Which combination is the most popular/widely used?

I believe that the most widely used is Ed25519 (disregarding NIST P-256, vide What is the difference between ECDSA and EdDSA?). There's also a cool site (that I found a few years ago and that is updated on a regular basis) to track Ed25519 adoption: https://ianix.com/pub/ed25519-deployment.html.

Which combination is the most secure?

I would use Ed25519; in most cases it provides sufficient security and interoperability. But if you need something really extra (future-proof, I mean post-quantum), I would recommend that you follow the progress of drafts such as draft-wussler-openpgp-pqc-02.

Artur
  • Is ECDSA/EdDSA common with ECDH? – Bill Joe Aug 28 '23 at 15:47
  • @BillJoe Digital Signature Scheme (DSS) and Key Exchange (KEX) are different things. ECDSA/EdDSA are examples of DSS. ECDH is an example of KEX. All of the given examples use Elliptic Curves as an underlying computation layer - hence EC in the acronyms. But, straight to the point - one common thing is that they use Elliptic Curves (the computations are performed in a certain algebraic structure over an Elliptic Curve). In the Kleopatra PGP KeyGen, by checking the box "+ECDH" an additional key pair will be generated, because (usually, but not always) EdDSA and ECDH need separate key generation. – Artur Aug 28 '23 at 16:37
  • @BillJoe And as you probably deduced from Kleopatra's advanced key pair generation settings - you can't perform encryption without marking that additional checkbox. – Artur Aug 28 '23 at 16:47
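To make the signing-versus-key-exchange split above concrete, here is an added Go example (not code from the question, the answer, or GnuPG): one identity holds an Ed25519 pair used only to sign, and a separate X25519 pair (the Curve25519 Diffie-Hellman function that OpenPGP implementations pair with an ed25519 signing key, shown as cv25519 in GnuPG) used only for key agreement. The `Identity` type and its method names are assumptions made for this example.

```go
package main

import (
	"bytes"
	"crypto/ecdh"
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Identity models what a "+ECDH" OpenPGP key holds: an EdDSA pair that can
// only sign and a separate ECDH pair that can only agree on a shared secret.
type Identity struct {
	SignPub  ed25519.PublicKey  // published; peers verify signatures with it
	signPriv ed25519.PrivateKey // never leaves the owner
	EncPub   *ecdh.PublicKey    // published; peers encrypt to it via ECDH
	encPriv  *ecdh.PrivateKey   // never leaves the owner
}

// NewIdentity generates both pairs independently, as Kleopatra does when
// the "+ECDH" box is checked; neither key is derived from the other.
func NewIdentity() (*Identity, error) {
	sp, sk, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	ek, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Identity{SignPub: sp, signPriv: sk, EncPub: ek.PublicKey(), encPriv: ek}, nil
}

// Sign uses only the EdDSA (signature scheme) key.
func (id *Identity) Sign(msg []byte) []byte { return ed25519.Sign(id.signPriv, msg) }

// Verify checks a signature against a signing public key; a key-exchange key
// plays no role here.
func Verify(pub ed25519.PublicKey, msg, sig []byte) bool { return ed25519.Verify(pub, msg, sig) }

// SharedSecret uses only the ECDH (key exchange) key; both sides derive the
// same 32 bytes, which a real OpenPGP implementation would feed into a KDF.
func (id *Identity) SharedSecret(peer *ecdh.PublicKey) ([]byte, error) { return id.encPriv.ECDH(peer) }

func main() {
	alice, _ := NewIdentity()
	bob, _ := NewIdentity()
	msg := []byte("constructed message") // constructed sample input
	sig := alice.Sign(msg)
	a, _ := alice.SharedSecret(bob.EncPub)
	b, _ := bob.SharedSecret(alice.EncPub)
	fmt.Println("signature valid:", Verify(alice.SignPub, msg, sig), "secrets match:", bytes.Equal(a, b))
}
```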