coruus

Keybase proof

I hereby claim:

• I am coruus on github.
• I am coruus (https://keybase.io/coruus) on keybase.
• I have a public key whose fingerprint is 4C27 B4F9 89AF 91D6 DD47 3B85 E7B4 BAE3 DB33 B5CF

To claim this, I am signing this object:

coruus

Introduction

So. Motivated by prior posts by Michael Hamburg and Daniel Bernstein, I made up a list of "good primes" for ECC.

Criteria for primes

General criteria: 80 <= n = ceil(log2(p)) <= 1024.[^bitlen] The prime must be 3 mod 4, so that all Montgomery curves are isogenous to an untwisted Edwards curve. (Note: this criterion excludes 2^255-19, which is 1 mod 4.)

I considered all ridinghood primes and all Crandall primes with c < 64 in this range; there are 10 ridinghood primes and 52 Crandall primes with minimal c in this range.

coruus

OpenPGP deprecation wishlist

TODO:

• S2K stuff
• MUST NOT for old-style checksums

Various

Re 3.7.2.2:

coruus

const byte *
get_session_marker( size_t *rlen )
{
    static byte marker[SIZEOF_UNSIGNED_LONG*2];
    static int initialized;

    if ( !initialized ) {
        volatile ulong aa, bb;
        ulong a, b;

coruus

typedef union {
    int a;
    short b;
    char c[1];
    long d;
#ifdef HAVE_U64_TYPEDEF
    u64 e;
#endif
    float f;
    double g;

coruus

I hope this patch is acceptable in something like its present form. If
so, I'll write up the documentation updates as well. (But I suspect it
may spark some discussion.)

It updates some rather outdated defaults hard-wired into GnuPG:

1. Default cipher algorithm: CAST5 -> AES256
2. Default digest algorithm: SHA1 -> SHA512
3. Default S2K hash algorithm: SHA1 -> SHA256
4. Default S2K iterations: 255 (this takes about 400ms in E2E, not

coruus

### Keybase proof

I hereby claim:

  * I am coruus on github.
  * I am coruus (https://keybase.io/coruus) on keybase.
  * I have a public key whose fingerprint is D25C 2C28 F9DC 3C85 A103  27E7 836E 9A2E D168 486A

To claim this, I am signing this object: