As of version 2.6.2 DidiSoft OpenPGP Library for Java fully supports Elliptic Curve cryptography (ECC) in OpenPGP as defined in RFC 6637.
In this chapter, we are going to make a short introduction to the new ECC encryption and illustrate how to generate your first ECC OpenPGP key pair.
1. What is Elliptic Curve cryptography?
2. Generating an ECC OpenPGP key pair
3. Industry support
What is Elliptic Curve cryptography?
Elliptic Curve cryptography provides asymmetric (public key) cryptography based on mathematic operations with Elliptic Curves over finite fields.
An ECC OpenPGP key consists of a master key which is used for EC DSA signing and an encryption sub key which is used for EC Diffie-Hellman (ECDH) encryption.
Currently the standard for ECC in OpenPGP (RFC 6637) defines three elliptic curves over prime finite fields, introduced by the National Security Agency (NSA) during the 2005 RSA conference: NIST P-256, NIST P-384 and NIST P-521 (the number is the size in bits of the underlying prime field).
Some OpenPGP implementations, like GnuPG/gpg, have added support for Brainpool curves as well, which we support too as of version 3.1.3.
Comparison with RSA and ElGamal (DH/DSS)
The weakest ECC OpenPGP key pairs (over curve NIST P-256) can be compared with a 3072 bit ElGamal or 3072 bit RSA key pair.
Please check section “Security considerations” for more information.
Generating an ECC OpenPGP key pair
Creating an ECC OpenPGP key pair is done with a new set of methods with common name generateEccKeyPair, available in the KeyStore and PGPKeyPair classes.
The supported values for the ECC curve are:
EcCurve.Enum.NIST_P_256
EcCurve.Enum.NIST_P_384
EcCurve.Enum.NIST_P_521
EcCurve.Enum.Brainpool256
EcCurve.Enum.Brainpool384
EcCurve.Enum.Brainpool512
EcCurve.Enum.EdDsa
EcCurve.Enum.Curve25519
Below is an example that shows how to generate an ECC key pair with no expiration date and default cipher, compression and hashing key preferences.
```java
import com.didisoft.pgp.*;

public class GenerateKeyPairECC {
    public static void main(String[] args) throws Exception {
        // initialize the KeyStore where the key will be generated
        KeyStore ks = new KeyStore("examples/DataFiles/pgp.keystore", "changeit");

        // key primary user Id
        String userId = "<demo@didisoft.com>";

        // preferred hashing algorithms
        HashAlgorithm.Enum[] hashingAlgorithms = new HashAlgorithm.Enum[] {
            HashAlgorithm.Enum.SHA256, HashAlgorithm.Enum.SHA384, HashAlgorithm.Enum.SHA512 };

        // preferred compression algorithms
        CompressionAlgorithm.Enum[] compressions = new CompressionAlgorithm.Enum[] {
            CompressionAlgorithm.Enum.ZIP, CompressionAlgorithm.Enum.UNCOMPRESSED };

        // preferred symmetric key algorithms
        CypherAlgorithm.Enum[] cyphers = new CypherAlgorithm.Enum[] {
            CypherAlgorithm.Enum.AES_128, CypherAlgorithm.Enum.AES_192, CypherAlgorithm.Enum.AES_256 };

        String privateKeyPassword = "changeit";

        // master (signing) key curve and encryption sub key curve
        EcCurve.Enum masterEcCurve = EcCurve.Enum.NIST_P_521;
        EcCurve.Enum encryptionEcCurve = EcCurve.Enum.NIST_P_521;

        int expiresAfterDays = 0; // never expires

        KeyPairInformation key = ks.generateEccKeyPair(masterEcCurve, encryptionEcCurve,
                userId, privateKeyPassword, compressions, hashingAlgorithms, cyphers, expiresAfterDays);

        System.out.println("Generated a " + masterEcCurve.toString() + "/"
                + encryptionEcCurve.toString() + " ECC OpenPGP key");
    }
}
```
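A variant of the example above, added here and not part of the DidiSoft documentation, that generates the Curve25519-based pair mentioned in the summary (an EdDSA master key for signing with a Curve25519 ECDH encryption sub key), gives it an expiration date, and exports the public key in ASCII armor for distribution. It reuses the generateEccKeyPair call shown on this page; the KeyPairInformation.getKeyIDHex() and KeyStore.exportPublicKey(fileName, keyId, asciiArmor) calls are assumed to exist with those signatures.

```java
import com.didisoft.pgp.*;

public class GenerateKeyPairCurve25519 {
    // Generates an EdDSA (signing) master key with a Curve25519 (ECDH) encryption
    // sub key, using the same generateEccKeyPair method as the NIST example,
    // and returns the information about the generated pair.
    public static KeyPairInformation generate(KeyStore ks, String userId, String password)
            throws Exception {
        // Keep the preference lists short and modern: SHA-2 hashes and AES only
        HashAlgorithm.Enum[] hashes = { HashAlgorithm.Enum.SHA256, HashAlgorithm.Enum.SHA512 };
        CompressionAlgorithm.Enum[] compressions = {
            CompressionAlgorithm.Enum.ZIP, CompressionAlgorithm.Enum.UNCOMPRESSED };
        CypherAlgorithm.Enum[] cyphers = { CypherAlgorithm.Enum.AES_256, CypherAlgorithm.Enum.AES_128 };

        // Master key on EdDSA, encryption sub key on Curve25519 (library version 3.2.2 or later)
        EcCurve.Enum masterCurve = EcCurve.Enum.EdDsa;
        EcCurve.Enum encryptionCurve = EcCurve.Enum.Curve25519;

        // Expire after two years instead of never: a bounded lifetime forces rotation
        // and limits how long a lost or stolen private key stays usable
        int expiresAfterDays = 2 * 365;

        // Same argument order as in the example above
        return ks.generateEccKeyPair(masterCurve, encryptionCurve, userId, password,
                compressions, hashes, cyphers, expiresAfterDays);
    }

    public static void main(String[] args) throws Exception {
        KeyStore ks = new KeyStore("examples/DataFiles/pgp.keystore", "changeit");
        String userId = "<demo@didisoft.com>";

        KeyPairInformation key = generate(ks, userId, "changeit");

        // Assumed API: getKeyIDHex() on KeyPairInformation and
        // exportPublicKey(fileName, keyId, asciiArmor) on KeyStore
        String keyId = key.getKeyIDHex();
        System.out.println("Generated EdDSA/Curve25519 OpenPGP key " + keyId);

        // Only the public key leaves the key store; the private key stays protected by its password
        ks.exportPublicKey("examples/DataFiles/demo_curve25519_pub.asc", keyId, true);
    }
}
```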
Industry support
The following software products are known to support ECC in OpenPGP as of the time of this writing:
Symantec PGP Command Line 10.2+
GnuPG 2.1+
Summary
This chapter introduced the new Elliptic Curve (ECC) OpenPGP keys defined in RFC 6637. As of version 3.2.2 DidiSoft OpenPGP Library for Java also supports keys based on Curve25519.
Key generation is done through the methods generateEccKeyPair available in the KeyStore and PGPKeyPair classes.