Key length for integer- and finite-field cryptography
David Leon Gil
coruus at gmail.com
Thu Aug 7 17:52:29 CEST 2014
So, NIST SP800-57, Table 3, security strength equivalents for finite-
and integer- field cryptography:
80-bit equivalent: 1024 bits
112-bit equivalent: 2048 bits
128-bit equivalent: 3072 bits
192-bit equivalent: 7680 bits
256-bit equivalent: 15360 bits
Take-home: If you are using AES-256, you should max out your key size
in GnuPG. (It is regrettable that only some versions seem to support
strong key-sizes.)
--
Re requirements: NIST SP800-57 Table 4 requires that applications not
use 1024-bit keys. 112-bit security strength is required; thus
2048-bit keys are the *minimum* length in any FIPS-compliant
environment.
--
Here's a Stack Overflow question which explains, essentially, how
these security-strength numbers are derived:
http://crypto.stackexchange.com/questions/17798/how-to-calculate-bit-strength-of-integer-factorization-cryptography-ifc-such-a
- dlg
More information about the Gnupg-devel
mailing list