Key length for integer- and finite-field cryptography

David Leon Gil coruus at
Thu Aug 7 20:30:57 CEST 2014

On Thursday, August 7, 2014, Robert J. Hansen <rjh at> wrote:

> Good grief, *no*, *no*, *no*.
> *If you require 256 bits of entropy throughout, you need to use something
> other than GnuPG.*

Generally agreed. (I'm assuming you mean 'security strength' when you write
'entropy'; hopefully GnuPG can use arbitrary amounts of entropy if the
system RNG can provide it.)

> The take-home is the same as it's always been.  "If you need X bits of
> entropy, check to make sure each step in the link provides at least X bits.
>  If some provide more, that's fine."

 Completely in agreement; do you disagree with the RSA bit-lengths I

Using AES-256 is *not* a good reason to start using RSA-16k.

But wanting a 256-bit security strength is, right?

- dlg
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20140807/be1e627f/attachment.html>

More information about the Gnupg-devel mailing list