does gpg cope with very large key sizes

Philippe Cerfon philcerf at googlemail.com
Thu Sep 10 23:29:57 CEST 2009


Hi David.



On Thu, Sep 10, 2009 at 6:07 PM, David Shaw <dshaw at jabberwocky.com> wrote:
>> Pretty much? What do you mean by that? The time/performance issues?
> Yes, but also that it's a silly keysize in the real world.  For most people
> (doing regular-people things like using computers connected to the internet,
> presumably in a house or apartment with a front door), the key would be so
> vastly stronger than the rest of the environment that an attacker wouldn't
> bother to attack it.  Rather they'd go against that front door, or other
> attacks against you and/or your environment.

Of course,... I was aware on this :)
If CIA|NSA|etc. want my secrets (not that my life would be so
interesting ^^), they probably woulnd't try to hack my keys at all,..
but simply beat me until I happly give them everything plus
confessions to anything they want ;)

When I asked you before,.. I just ment if these oversized keys would
still be ok and "secure", in a hypothetical scenario, where everything
else is also perfectly secure (e.g. having a steel door with Superman
guarding it ;-) )


> I don't forsee we'll ever end up with keys that large.  They're just too big
> to conveniently use.  Rather, we'll switch over to algorithms like Elliptic
> Curve

*looked it up*
Ah,.. interesting...
So will this "replace" RSA/DSA? Perhaps also with an OpenPGP without
the strict bindings to SHA1 you mentioned before?
Is it already working (for gpg)? Or when could one expect this being
usable for production?


Cheers,
Philippe.



More information about the Gnupg-devel mailing list