what are the sub keys
thajsta at gmail.com
Tue Mar 22 15:38:02 CET 2011
Exactly. Computation time is nothing nowadays. If that was the case,
those who use 1024 bit keys I would think still use the SHA1 hash
algorithm. But now people such as myself use SHA512 and 4096 bit RSA
keys, and if I could use a 8192 bit RSA key and the new SHA512/256
algorithm that I think was published just this past 02 February I would.
On 22/03/2011 10:19 AM, Lists.gnupg at mephisto.fastmail.net wrote:
> On Sat, Mar 19, 2011 at 11:36:57PM -0400 Also sprach Robert J. Hansen:
>> On 3/19/11 10:34 PM, Jonathan Ely wrote:
>>> but be sure to set your preferences and choose a 4096 over 2048.
>> Why? This is like saying, "I like the bank vault on my front door, but
>> I wish it was thicker: I want the extra security." Key length is only a
>> small part (arguably the smallest part) of communications security.
> I agree that 4096 may seem like overkill, but I think the recommendation
> to max out one's RSA key size is defensible. Here's why:
> 1. Modern computers are fast; it costs us almost nothing in terms of
> computation time to use a 4096-bit key.
> 2. Modern computers are fast, and getting faster all the time; remember
> that your security margin may need to be good not just today, but
> against all the attacks that are possible in the future, for as long
> as your data needs to remain secure (decades, for some people). Once
> upon a time, 1024-bit keys were considered perfectly adequate; most
> experts urge against generating keys today with that strength.
> I agree that an awful lot of fuss is made over key length, sometimes to
> the exclusion of other, much more likely attack vectors. However, until
> someone describes for me a compelling reason NOT to bump key length up
> to 4096, my view remains: "Why not?"
> Special case, relating to this thread's original question:
> Some software which is designed to interface with GnuPG, or otherwise
> implement PGP keys, may not support arbitrary key lengths.
> E.G. Evolution used to have a 160-bit hash hard-coded into it's gnupg
> integration (it may still--I haven't used Evolution in a while), which
> meant that to remain DSS-compliant, you could only sign email with a
> 1024-bit DSA key. DSA-2 keys could not be supported directly by
> Evolution. You could circumvent the key-stregth limit by using an RSA
> key as long as you liked. However, in cases when a particular piece of
> software may require use of a key which does not meet your general-use
> criteria, for whatever reason, generating a sub-key which meets the
> requirements can allow you to use the specific feature you need, while
> still enabling you to use other sub-keys for less restrictive
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 834 bytes
Desc: OpenPGP digital signature
More information about the Gnupg-users