0

Given that secp256k1 is used to underpin the entire Bitcoin network (worth $174B as of today) -- it appears to offer demonstrably better security than other EC curves as no one has yet taken the bounty. It also stands to reason that researchers will actively look for vulnerabilities. If somehow broken, we will probably find out rather quickly as anyone with this knowledge will be highly incentivized to use it publicly.

Is there a reason that secp256k1 is not more widely used for gpg keys?

Is this curve also appropriate for encryption or are there additional risks in using this curve?

Jonathan Cross
  • 1,548
  • 1
  • 12
  • 25

1 Answers1

1

See https://exonum.com/blog/09-27-17-digital-signature/ for a short list of several issues with secp256k1 that may make it less desirable to use in certain applications than other ECC curves.

mti2935
  • 19,868
  • 2
  • 45
  • 64
  • This link seems to be down (2021, https://www.w3.org/Provider/Style/URI), do you have an archive link or a copy of the original? – Eric Martindale May 08 '21 at 09:16
  • 1
    @EricMartindale Thanks for your comment. I was able to find an archived version of the page on archive.org at https://web.archive.org/web/20190815225319/https://exonum.com/blog/09-27-17-digital-signature/. – mti2935 May 08 '21 at 09:38
  • Thank you so much, @mti2935 — a very prompt response. Do you have any other updates on your research into the OP's question, or is another answer warranted? – Eric Martindale May 08 '21 at 10:33
  • 1
    @EricMartindale, no problem. I don't have anything more to add. But, if you have more insight into this and you feel compelled to write an answer, I'd be interested in reading whatever you have to share. – mti2935 May 08 '21 at 10:48