Score:0

Kleopatra: What is the strongest and most popular cryptography standard for PGP

While setting up PGP for the first time, I am presented with various encryption standards I can use:

  1. RSA (2048, 3072, 4096 bits) with an option for + RSA (2048, 3072, 4096 bits)
  2. DSA (2048 bits) with an option for + Elgamal (2048, 3072, 4096 bits)
  3. ECDSA/EdDSA (ed25519, brainpoolP256r1, brainpoolP384r1, brainpoolP512r1, NIST P-256, NIST P-384, NIST P-521) with an option for + ECDH (ed25519, brainpoolP256r1, brainpoolP384r1, brainpoolP512r1, NIST P-256, NIST P-384, NIST P-521)

I have heard of RSA & DSA, but I am unfamiliar with the others.

What are the cryptographic standards for #3 used for? (request for source)
Which combination is the most secure?
Which combination is the most popular/widely used?

Score:0
What are the cryptographic standards for #3 used for? (request for source)

EdDSA was recently standardized by NIST (FIPS 186-5, chapter 7).

Which combination is the most popular/widely used?

I believe that the most widely used is Ed25519 (disregarding NIST P-256; see What is the difference between ECDSA and EdDSA?). There's also a cool site (that I found a few years ago and that is updated on a regular basis) to track Ed25519 adoption: https://ianix.com/pub/ed25519-deployment.html.

Which combination is the most secure?

I would use Ed25519; in most cases it provides sufficient security and interoperability. But if you need something really extra (future-proof, I mean post-quantum), I would recommend that you follow the progress of drafts such as draft-wussler-openpgp-pqc-02.

Bill Joe:
Is ECDSA/EdDSA common with ECDH?
Artur:
@BillJoe Digital Signature Scheme (DSS) and Key Exchange (KEX) are different things. ECDSA/EdDSA are examples of DSS. ECDH is an example of KEX. All of the given examples use Elliptic Curves as an underlying computation layer, hence EC in the acronyms. But, straight to the point: one common thing is that they use Elliptic Curves (the computations are performed in a certain algebraic structure over an Elliptic Curve). In the Kleopatra PGP KeyGen, by checking the box "+ECDH" an additional key pair will be generated, because (usually, but not always) EdDSA and ECDH need separate key generation.
Artur:
@BillJoe And as you probably deduced from Kleopatra's advanced key pair generation settings, you can't perform encryption without marking that additional checkbox.
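To make the point in the comments above concrete, here is an added example (not code from the thread or from GnuPG) that checks whether a key can be encrypted to by reading `gpg --list-keys --with-colons` records. The two sample listings are constructed, and the field positions (4 = algorithm ID, 12 = capabilities, 17 = curve) are assumed from GnuPG's doc/DETAILS.

```python
# Added example; key IDs and records below are constructed, not real keys.
# Public-key algorithm IDs as used by OpenPGP / GnuPG.
ALGO = {1: "RSA", 16: "Elgamal", 17: "DSA", 18: "ECDH", 19: "ECDSA", 22: "EdDSA"}

# Primary EdDSA key only (the "+ ECDH" box left unchecked).
SIGN_ONLY = "pub:u:255:22:1111111111111111:1700000000:::u:::scSC:::::ed25519:::0:\n"

# Same primary key plus an ECDH subkey (the "+ ECDH" box checked).
# GnuPG reports the curve of the encryption subkey as cv25519.
WITH_ECDH = (
    "pub:u:255:22:1111111111111111:1700000000:::u:::scESC:::::ed25519:::0:\n"
    "uid:u::::1700000000::::Constructed User <user@example.org>::::::::::0:\n"
    "sub:u:255:18:2222222222222222:1700000000::::::e:::::cv25519::\n"
)


def parse_keys(colon_output):
    """Return one dict per pub/sub record with algorithm, curve and capabilities."""
    keys = []
    for line in colon_output.splitlines():
        f = line.split(":")
        if f[0] not in ("pub", "sub"):
            continue  # uid, fpr and other record types carry no key capabilities
        keys.append({
            "type": f[0],
            "algo": ALGO.get(int(f[3]), "algo " + f[3]),
            "curve": f[16] if len(f) > 16 else "",
            # Lowercase letters are this key's own capabilities:
            # s = sign, c = certify, e = encrypt, a = authenticate.
            # Uppercase letters on a pub record summarise the whole key.
            "caps": {c for c in f[11] if c.islower()},
        })
    return keys


def can_sign(colon_output):
    return any("s" in k["caps"] for k in parse_keys(colon_output))


def can_encrypt_to(colon_output):
    return any("e" in k["caps"] for k in parse_keys(colon_output))


if __name__ == "__main__":
    for name, listing in (("sign-only", SIGN_ONLY), ("with ECDH", WITH_ECDH)):
        print(name, "sign:", can_sign(listing), "encrypt:", can_encrypt_to(listing))
```
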