Support for RSA keys > 4096 bits

Nicholas Papadonis at
Wed Nov 7 07:50:03 CET 2018

I read in NIST 800-57 Part 1 Rev. 4 pg 53 that RSA keys length of 15360
bits is equivalent to a 256 bit AES symmetric key.  I also read in other
documentation that NIST recommends such key lengths to protect data beyond
2030.  As email may be retained for many years it would seem appropriate to
secure such communications with a larger key.

Does this data agree with security experts?  Is there a reason why GnuPG
limits RSA key length to 4096 bits?

Thank you,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Gnupg-devel mailing list