Given that secp256k1
is used to underpin the entire Bitcoin network (worth $174B as of today) -- it appears to offer demonstrably better security than other EC curves as no one has yet taken the bounty. It also stands to reason that researchers will actively look for vulnerabilities. If somehow broken, we will probably find out rather quickly as anyone with this knowledge will be highly incentivized to use it publicly.
Is there a reason that secp256k1
is not more widely used for gpg keys?
Is this curve also appropriate for encryption or are there additional risks in using this curve?