Where did Trust_ go?

homega at vlc.servicom.es
Thu Apr 8 20:32:30 CEST 1999

Tony L. Svanstrom dixit:

> People often get confused about this "longer keys are better, but not if
> they're too long"-argument. The fact is that longer keys are harder to
> crack but at the same time a shorter uncrackable key is just as secure as a
> longer one.

You mean longer keys should be as hard to crack as shorter ones (down to 512
bits), JUST that they should take a bit longer, right?

> If you are using software that "only" handles 1024 bit RSA then you might
> feel as if it isn't safe simply because you see people using 2048 bit keys
> (or even 4096 bit long keys)

Correct, the feeling is as if you were using "outdated" cryptography.

> AND... if you really were to get paranoid then you might think that the
> "problem" on which most cryptography is based might not be a problem for
> secret agencies and such,

Exactly!  but there's no need to get too paranoid to jump to that
conclusion.  One thing is believing that some governments/agencies (may) know
how to crack the code, a different thing is thinking that they might be
interested in your private/business communications and waste the resources
needed to break it.

Why I generated those keys was simply because ... it was there, so let's
have it.  I never use them since it takes far too long to sign (or encrypt)
with them.  But W. Koch's answer made me curious about it, both because he
said a 2048bit DSA key was a strange thing, and b'c his opinion of an 8192bit
DH key being far from reality.  I just have to take his word for it, but I
liked to know why.



More information about the Gnupg-devel mailing list