FAQ: Re: key length

Werner Koch wk at gnupg.org
Tue Aug 5 10:17:31 CEST 2014

On Tue,  5 Aug 2014 09:18, bernhard at intevation.de said:

> The question is: Are there communication partners who's OpenPGP implementation 
> would not be able to a) check my signature or b) encrypt to my certificate?

re a) You can't know unless you use MUST algorithms of OpenPGP (DSA and
      SHA-1) with suitable key sizes.

re b) OpenPGP specifies 3DES and Elgamal as MUST algorithm.  The card
      supports only RSA and thus there is no guarantee.  In theory.  In
      practice all implementations support RSA.

OpenPGP does not specify supported key lengths.  There is only a lower
bound on the key size but none for an upper limit.  In reality all
_current_ implementations support 4096 bit RSA.  The PPC version of
the OpenPGP smartcard does only support 1024 bit but I would not call
that a current implementation.

Using rsa2048 and SHA-256 should be a safe choice for signatures.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gnupg-devel mailing list