I will explain about HOWTO Ed25519 / X25519 (the new ECC).
GnuPG 2.1 (in Stretch) supports Ed25519 signature and X25519 encryption. The key is short, crypto computation is fast, and strength is considered good enough.
In Debconf 15, I was asked about how to generate Ed25519/X25519 keys and wrote an article: https://www.gniibe.org/memo/software/gpg/keygen-25519.html
It is also supported by OpenSSH. (Although we can’t put ssh-ed25519 keys to Alioth, yet.)
Sure, it is supported by Gnuk Token, and it’s quite useful because it’s faster than RSA.
In this short talk, basic organization of GnuPG 2.1 will be explained by demonstration, so that people can understand better. The intended audience is general Debian users. Crypto expert also could enjoy the demonstration about separation of data management, but detail of crypto algo or implementation will not be explained.
GnuPG 2.1 is now in Debian Stretch. While it comes with new features like ECC support, most important change is its architecture; In GnuPG 2.1, it consists of sub components (gpg command line front end, gpg-agent, dirmngr, scdaemon, etc.), and each component has its own role.
Focusing major use cases (encryption, decryption, signing, checking signature, and OpenSSH authentication), we will demonstrate the basic organization of GnuPG 2.1 by our family members. Cast plan (not yet decided, will be changed):
gpg: Ayumi (daughter) gpg-agent: Hitoe (wife) dirmngr: Hiroshi (son) scdaemon: gniibe (me)
Gnuk is the USB security token implementation. It is supported by GnuPG 2.1 very well. In this BoF, we discuss current status of Gnuk, and how it’s useful to Debian Developers and Users. URL: https://www.fsij.org/gnuk/