Generate new key – ECC vs RSA
I intend to start using GnuPG again. I haven't used it for the last 2 years and was surprised that there is now the option for RSA and ECC keys.
After reading a bit about ECC, it seems to me there is quite a bit uncertainty about where it is going and what curves should be used. There were for example some discussions about whether or not the NIST curves are compromised or not. GnuPG 2.1.11 and libgcrypt 1.6.5 could only choose between NIST- and Brainpool-Curves (Which ECC to choose with GPG?) and this was only 8 month ago. Now we can choose the 25519-Curve too (GnuPG 2.1.18).
My questions are is it safe start using ECC or should one stick with RSA for at least a few more years? I guess I would use the 25519-Curve. But is this curve compatible to older GnuPG versions and other systems or are there some problems? Will this be something we can use for the next few years or should I expect some constant changing in terms of some curves being standardized and staying for a long time (like RSA) and supported by all systems, but some curves might disappear because they're not trustworthy? I also came across a paper where the NSA recommends keep using RSA and wait for Post-Quantum-Cryptography instead of using ECC.
I'm just an average GnuPG-user but it seems to me there is some sort of uncertainty about the way cryptography will develop within the next few years.
