rsa keys in 1.0.6b 1023 or 1024?

Marcus Brinkmann Marcus.Brinkmann at
Wed Nov 7 16:20:02 CET 2001

On Wed, Nov 07, 2001 at 02:12:03PM +0100, Simon Josefsson wrote:
> Btw, I think it would be nice if the user can choose the RSA key size
> herself, a minimum of 1024 is unnecessarily rigid and maximum of 4096
> unnecessarily low.

If I understood Prof. Dr. Gerhard Frey from the university in Essen correctly,
above 1024 bits doesn't make sense because the hash function is the weak
part of the chain and not improved by longer keys above a certain limit
(and it might actually hurt as people are seldom aware of it and
have a false sense of security).  I wish I had a reference for this other
than my conversation at a workshop about this ;), but maybe someone here can
verify this and produce something more concrete, or wants to do some
research on this.


`Rhubarb is no Egyptian god.' Debian brinkmd at
Marcus Brinkmann              GNU    marcus at
Marcus.Brinkmann at
