Beyond Curve25519

Christoph Anton Mitterer calestyo at scientia.net
Sat Jan 17 01:46:22 CET 2015


On Fri, 2015-01-16 at 12:24 -0500, Robert J. Hansen wrote: 
> > Funny... people told that as well with RSA key sizes which are 
> > nowadays no longer considered enough... o.O
> A 1024-bit key is still today considered unassailable... it just doesn't
> have anywhere near the security margin that we want.
>   We advise at least
> 2048-bit keys to give us a comfortable margin, not because we believe
> people are breaking 1024-bit keys.
Well looking at the recommendations made by several expert groups (e.g.
ECRYPT II, or NIST[0]).. then we see higher sizes even for the mid-term
range only.


Cheers,
Chris.


[0] It somehow hurts calling them experts, given how easily they were
framed by NSA ;)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5313 bytes
Desc: not available
URL: </pipermail/attachments/20150117/893e0a52/attachment.bin>


More information about the Gnupg-devel mailing list