Key length for integer- and finite-field cryptography

David Leon Gil coruus at gmail.com
Thu Aug 7 20:30:57 CEST 2014


On Thursday, August 7, 2014, Robert J. Hansen <rjh at sixdemonbag.org> wrote:

> Good grief, *no*, *no*, *no*.
>
> *If you require 256 bits of entropy throughout, you need to use something
> other than GnuPG.*


Generally agreed. (I'm assuming you mean 'security strength' when you write
'entropy'; hopefully GnuPG can use arbitrary amounts of entropy if the
system RNG can provide it.)


> The take-home is the same as it's always been.  "If you need X bits of
> entropy, check to make sure each step in the link provides at least X bits.
>  If some provide more, that's fine."


 Completely in agreement; do you disagree with the RSA bit-lengths I
mentioned?

Using AES-256 is *not* a good reason to start using RSA-16k.


But wanting a 256-bit security strength is, right?

- dlg
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20140807/be1e627f/attachment.html>


More information about the Gnupg-devel mailing list