In draft-ietf-openpgp-formats-00.txt:
6.1 Public Key Algorithms
1 - RSA (Encrypt or Sign)
2 - RSA Encrypt-Only
3 - RSA Sign-Only
16 - Elgamal
17 - DSA (Digital Signature Standard)
100 to 110 - Private/Experimental algorithm.
Implementations MUST implement DSA for signatures, and Elgamal for
encryption. Implementations SHOULD implement RSA encryption.
Implementations MAY implement any other algorithm.
{{Editor's note: reserve an algorithm for elliptic curve? Note that
I've left Elgamal signatures completely unmentioned. I think this is
good. --jdcc}}
Why Rabin algorithm has been mostly ignored in discussions,
implementations and
standards? It seems to me that Rabin algorithm is a very decent
alternative to RSA.
It is extremely fast in encryption and verification (only one modular
square),
just as efficient as RSA in signing and decryption, and as secure as RSA
(also depends on the difficulty of factoring). I just do not understand
why it
has been mostly ignored. Have I missed something?
Gary Liu