generating RSA key sizes > 4096
Robert J. Hansen
rjh at sixdemonbag.org
Fri Nov 29 17:10:59 CET 2013
> Currently, several downstream distributions of GnuPG patch the GPG code in
> their packages to support generating RSA keys larger than 4096 bits large.
Which ones besides GPGTools?
The choice of what range of sizes to support is not a trivial one. The
overwhelming majority of OpenPGP installations max out at a 4kbit key.
Further, there has been no clear message from the cryptographic
community that such a large key is in any way useful. NIST believes a
2048-bit key will be secure for 30 years; ENISA recommends a 3072-bit
key. Allowing a 4096-bit key allows people to go far beyond all the
current recommendations; why should it go further?
Additionally, this tends to promote an obsession with key size -- very
often at the expense of other important factors. Whether something is
protected by 2048-bit RSA or 8192-bit RSA doesn't matter a damn, since
no one with two brain cells to rub together will try cryptanalyzing the
traffic. They'll resort to other methods instead.
So, yeah, I don't see a point for this patch, I'm sorry to say. I have
severe doubts as to whether explicitly supporting extraordinarily large
keys is something GnuPG needs to do, support, or facilitate.
(I am not a GnuPG developer and I have absolutely no say in the final
More information about the Gnupg-devel