rsa keys in 1.0.6b 1023 or 1024?

Marcus Brinkmann Marcus.Brinkmann at ruhr-uni-bochum.de
Wed Nov 7 16:20:02 CET 2001


On Wed, Nov 07, 2001 at 02:12:03PM +0100, Simon Josefsson wrote:
> Btw, I think it would be nice if the user can choose the RSA key size
> herself, a minimum of 1024 is unnecessarily rigid and maximum of 4096
> unnecessarily low.

If I understood Prof. Dr. Gerhard Frey from the university in Essen correctly,
above 1024 bits doesn't make sense because the hash function is the weak
part of the chain and not improved by longer keys above a certain limit
(and it might actually hurt as people are seldom aware of it and
have a false sense of security).  I wish I had a reference for this other
than my conversation at a workshop about this ;), but maybe someone here can
verify this and produce something more concrete, or wants to do some
research on this.

Thanks,
Marcus

-- 
`Rhubarb is no Egyptian god.' Debian http://www.debian.org brinkmd at debian.org
Marcus Brinkmann              GNU    http://www.gnu.org    marcus at gnu.org
Marcus.Brinkmann at ruhr-uni-bochum.de
http://www.marcus-brinkmann.de



