[pacman-dev] [PATCH] pacman-key: change signing key to ed25519

Allan McRae allan at archlinux.org
Thu Nov 5 01:03:06 UTC 2020


On 5/11/20 9:23 am, Jonas Witschel wrote:
> On 2020-11-04 21:53, Geert Hendrickx via pacman-dev wrote:
>> Larger RSA keys are not the way forward, switch to ed25519 instead.
>> This will also become the default in the next version of GnuPG.
>> [...] 
>> -Key-Type: RSA
>> -Key-Length: 4096
>> +Key-Type: EDDSA
>> +Key-Curve: ed25519
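Review bot: the hunk removes `Key-Length: 4096` along with the RSA type, but neither the patch nor the quoted commit message cites the GnuPG announcement it relies on ("this will also become the default in the next version of GnuPG") or states the minimum GnuPG version whose batch key generation accepts `Key-Type: EDDSA` with `Key-Curve: ed25519`; adding both would let reviewers weigh the change against the point raised in this thread that RSA 4096 is estimated to be slightly stronger than Ed25519 and that Ed25519 is not yet formally in the OpenPGP specification.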
> 
> I will note that the strength of Ed25519 is estimated to be roughly comparable
> to RSA 3027 [1], so the currently chosen RSA 4096 is actually a slightly
> stronger algorithm. I am not saying that this is an argument against using
> Ed25519, which I believe offers ample security for the foreseeable future, but
> to be honest, I do not see a pressing need to switch either:
> 
> One main benefit of elliptic curves is the much smaller key size, but that is
> not important for a locally-generated signing key that by design will never be
> shared with anyone else.
> 
> On the other hand, Ed25519 is still not formally included in the OpenPGP
> specification [2]. (Again, this is not necessarily an argument against its
> internal use in pacman, since it only needs to be processable by GnuPG.)
> 
> However, given the above facts, personally I would feel more comfortable
> holding back this change for now, at least until GnuPG has actually made the
> switch to Ed25519 as its default algorithm.
> 

These are strong arguments to keep the current default. Particularly
given there is nothing wrong with the current default at the moment, and
you can initialize your pacman keyring "by hand" if you really are
concerned.

Allan
