GnuPG cryptographic defaults on the 2.2 branch

Peter Lebbing peter at
Thu Sep 21 11:43:10 CEST 2017

On 20/09/17 18:59, Daniel Kahn Gillmor wrote:
> This statement seems to mix two different types of security requirements
> -- security against malware or system compromise vs. security against
> cryptanalytic attack.

But if you're really up against people with that much cryptanalysis
power, wouldn't they also be very advanced in different ways of attack?

I think the NIST "by 2020" argument is much stronger than a worry about
a super advanced machine that is in the worst scenario still a factor
one billion removed from actually posing a threat to 2048-bit keys.


I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20170921/56f97b7a/attachment.sig>

More information about the Gnupg-devel mailing list