The key size warning

Enzo Michelangeli em at
Sat Mar 30 09:20:01 CET 2002

----- Original Message -----
From: "Dmitri" <dmitri at>
To: <gnupg-devel at>
Sent: Saturday, 30 March, 2002 1:11 PM
Subject: Re: The key size warning

> A popular idea, since "Johnny Mnemonic" the movie, is to use broadcast
> TV as source of randomness. This is especially useful because the MPEG-2
> compressed stream is very random (since this is the point of
> compression). Anyone with HDTV receiver already has *gigabits* of
> randomness, just strip the MPEG framing, since it is regular.

A random stream that can be eavesdropped by an attacker (as it's surely the
case with digital broadcasts) is useless for cryptographic purposes. Don't
trust architectural designs from sci-fi movies, especially those where
smuggling data requires a chip implanted in Keanu Reeves' brain :-)

> > I recall reading predictions of 4GB (~32Gb) keys to ensure some
> > strength in the presence of quantum computers.  I'm unsure that
> > the average PC could generate strong 4GB keys.
> Probably not. How would you publish them? :-)

Besides, those predictions sounds pretty meaningless. Quantum computers,
when/if built, would break current public key cryptosystems because quantum
algorithms of polynomial complexity have been found for the underlying
problems (factorization and discrete logarithm). I don't see how that could
be fixed by using huge keys.


More information about the Gnupg-devel mailing list