The key size warning
Dmitri
dmitri at users.sourceforge.net
Sat Mar 30 06:14:02 CET 2002
On Fri, 2002-03-29 at 19:59, V Alex Brennen wrote:
> 2048bits is good, but be careful about just bumping up keysize.
> There is much more to it than just the CPU time the math takes.
>
> Is there enough entropy available on the average PC to support the
> generation of strong default 2048bit keys? Yes, most likely.
> 4096bits? Yes, most likely. 8192bits? Probably. But, at what
> keysize does that become usually not the case?
Entropy is not in short supply :-) On key sizes that you mention,
probably the user will need to wiggle the mouse couple of times. For
megabit-sized keys, the user will need to play a game or two in Unreal
Tournament. For gigabit-sized keys he will need a local source of
randomness, something like a PCI card with a white noise generator and
the necessary A-D converter. The RF noise from the sky is quite random
as well - a stream of samples from Seti at Home will do just fine :-)
A popular idea, since "Johnny Mnemonic" the movie, is to use broadcast
TV as source of randomness. This is especially useful because the MPEG-2
compressed stream is very random (since this is the point of
compression). Anyone with HDTV receiver already has *gigabits* of
randomness, just strip the MPEG framing, since it is regular.
> I recall reading predictions of 4GB (~32Gb) keys to ensure some
> strength in the presence of quantum computers. I'm unsure that
> the average PC could generate strong 4GB keys.
Probably not. How would you publish them? :-)
Dmitri
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 240 bytes
Desc: This is a digitally signed message part
Url : /pipermail/attachments/20020330/7375c87b/attachment.bin
More information about the Gnupg-devel
mailing list