Hi all,
As always, thks for your support.
I've lookied for PGP and GPG in the forums but didn't find anything, so I post a new thread.

Since I can't have FIPS working, and before starting anything else, I want to create a pgp key to secure future executions.
i.e: Brave is asking for one to start; Akonadi Kontact is asking for one, I will need one to encrypt some folders; etc ...

I've found very good answers here [link]https://security.stackexchange.com/questions/72581/new-pgp-key-rsa-rsa-or-dsa-elgamal/72586[/link]

It seems that within GNU Privacy Guard "Pretty Good Privacy" RSA, DSA, Elgamel in 4048 bits are pretty much the same level of security.
I see that ECC benefits in comparison with non-ECC cryptography [...] is the same level of security provided by keys of smaller size.

So I will probably go for an ECC keys.

And I've seen somewhere else that it is not a good idea (practical, maintenance, confusion) to have one key per ID (per email address) so I will have three groups keys, 1.professionnal (6 address) 2.personnal (2 address) 3.public (2 address)

BUT ... my question is about Certification/Authentification/Encryption/Signature
=> Is it better to have ONE key for all, or one key for encryption AND one key for signature/Authentication ?
And all the different compositions that might come out of it, like one key for local encryption (folders, documents, backups); 1 key for messages encryption, 1 key for signature (PDF signature, email signature, ...)

Hi,

It seems you are confusing terms. I'd recommend either a peek at the "Handbook of Applied Cryptography" or, if too detailed for your needs, at least a look at the openssl wiki. Specifically, the page on elliptic curves should give you some pointers. The NIST overview is also nice - neither are a substitute for a lecture in cryptography or the reference book. You should also dig up some more info on PGP.
tl;dr You are comparing different algorithms/ciphers; RSA/DSA are based on Feistel networks, ECC - the name says it. Hence, it makes no sense to compare the size of your key for all three. Also, ElGamal is part of DSA. Finally, if I remember correct, PGP/GPG is an asymmetric cryptographic protocol, hence you need a public/private key combo.

Thks a lot for all that !
While I was away, I got to read some and clearly see your point, indeed no comparison in size as they have a totally different outcome even though they bear the same security level.

I will stick with the ECC, and will have a pair as required

I see that Kgpg isn't up to date as for mos of the curves, it only propose Curve25519, leaving behind Curve383187; Curve41417; M-221; M-382; M-511 and E-222 E-383 E-521
Of course I have no idea of what I'm talking about, it's just a matter of having choice.

Anyway, as the title says, I can't even create an ECC key pair, not with Kleopatra, not with Kgpg, neither in standard mode nor expert mode (console)

Kgpg, in "expert" mode, I go through the process of choosing option (9) ECC; then (1) Curve25519; then 796 (days); then real name and email address; no comment; then password and ... the windows closes instantly.

I've tried to start Kgpg as root and get that:

I've tried to create a simple RSA/RSA key pair and get that error message.
I don't understand, it worked a month ago ... all I did was to leave for a month with the computer off

I've opened a superuser consol and started Kgpg ... I get this:
What happen ? what changed ?