confused about public key strength
email at sven-radde.de
Tue May 6 22:04:53 CEST 2008
Matt Kinni schrieb:
> Hello, I can't seam to figure out how the different bitstrengh of my
> public key effects anything. If someone encrypts something to my
> private key, isn't the strength of the private key that matters?
The length of the public key equals the length of the private key. And
there is always a public key corresponding to a private key and vice versa.
Essentially, the "strength" of the key determines how hard it is for
people to calculate the private key when they only know the public key.
> So I have a 1024bit DSA pub and 4096 elgamal key. Isn't the lengh of
> the elgamal key what determines how strong the file is encrypted?
This means that you have a 1024 bit DSA public key, which people use to
verify your signatures. You have a 1024 bit DSA private key, which you
use to make those signatures.
Then, you have a 4096 bit ElGamal public key, which people use to
encrypt data for you. And you have a 4096 bit ElGamal private key which
you use to decrypt this data.
> What does the size of the public key even matter? I understand that it
> can be used as a singing key, but I have an RSA subkey for that instead.
Then you will use that subkey (for which again there is a private key
and a corresponding public key) to sign data. Commonly, you will still
use the DSA key for signing UIDs on your key or to sign other people's keys.
The DSA key is commonly called "primary key", while all other keys are
called "subkeys". The primary key combined with all of its assigned
subkeys constitutes what one commonly calls "one's key".
Obviously, there can be "your private key" and "your public key".
More information about the Gnupg-users